Course: Certified Cloud Security Professional (CCSP)

$429.00
$519.09 incl. VAT

Duration: 20 hours

Language: English (US)

Access duration: 90 days

In Onbeperkt Leren (Unlimited Learning)

In this CCSP training course you will be introduced to the six domains established by ISC² for achieving the Certified Cloud Security Professional certification.

The six knowledge areas covered are:

  • Architectural Concepts & Design Requirements
  • Cloud Data Security
  • Cloud Platform & Infrastructure Security
  • Cloud Application Security
  • Operations
  • Legal & Compliance

In these six areas of knowledge you will learn to secure data and applications in the cloud. Finally, you will deal with operations management and get an introduction to the legal rules that apply in the cloud environment.

Among the subjects covered are cloud computing, defined deployment models, cloud-hosted assets, data masking, methodologies, COC, Storage as a Service (STaaS), VM files, ACL, BC strategies, BC mechanisms, SAST, DAST, network support tools, VLAN, TLS, patches, ISMS, ISCS, GAAP guidelines and far more.

Result

After finishing this training you are familiar with the six domains that are needed to achieve the Certified Cloud Security Professional certification.

Prerequisites

There is no specific knowledge required.

Target audience

Network Administrator

Certified Cloud Security Professional (CCSP)

20 hours

Cloud System Architecture – Concepts and Design

  • start the course
  • define and describe cloud components
  • define cloud system participants: consumers, providers, partners, auditors, regulators
  • outline the operational characteristics of cloud computing
  • outline the supporting architectural components and infrastructure of cloud computing
  • detail Cloud Computing Activities with reference to ISO/IEC 17789, Clause 9
  • define how cloud services are categorized based on supported services and capabilities
  • describe the industry-defined standard categories of cloud computing
  • describe the defined deployment models of the cloud services
  • describe the additional operational aspects of the cloud service environment
  • describe the encryption of cloud-hosted assets
  • define access and access control to cloud-hosted assets (data, files, and resources)
  • outline asset and media management with respect to deletion/removal/overwrite on a cloud platform
  • define issues and solutions relating to cloud network structures
  • define issues and solutions relating to cloud virtualization infrastructures
  • list and describe known and common threats to cloud infrastructure and data assets
  • define security considerations and responsibilities on a per-Cloud Model (Category) basis – IaaS, PaaS, and SaaS plus their various derivatives
  • detail the security-based data life cycle of cloud-hosted assets (data, files, features)
  • describe business continuity and disaster recovery as it applies to a cloud service
  • define how a cloud deployment might be analyzed on a cost basis
  • define and describe focus areas relating to the functional security of the cloud service including vendor lock-in, interoperability, portability, migration, etc.
  • describe methodologies for mapping cloud service requirements to service provider certification and product certifications
  • outline methodologies for mapping cloud components to appropriate or required industry certifications or industry standards
  • define Cloud Service roles, categories, and services; describe data state and data asset classification with reference to security; and outline the purpose of Common Criteria

Cloud Data Security

  • start the course
  • define the various life stages of cloud-hosted data assets
  • define the various technologies associated with data asset security and protection
  • define storage modes in a cloud computing environment, and be able to map data assets to appropriate storage mode
  • define and describe potential threats associated with storage types
  • define threat mitigation technology and techniques
  • define encryption as it applies to cloud-hosted data
  • describe key-pair management as it applies to cloud-hosted data
  • describe data masking and masking methodologies
  • describe data tokenization technologies
  • describe technology selection with respect to criteria
  • list active data privacy protection legislation by jurisdiction – Data Privacy Acts/Laws
  • describe data discovery and its implementation methodologies
  • outline data classification and the classification of discovered sensitive data
  • detail data asset mapping to data control types
  • define data rights objects in terms of user access control, managing roles, and role-based access options
  • define data retention policy principles and how to develop appropriate practices
  • outline principles, and how to define and manage data deletion procedure and methodologies
  • outline principles, and how to define and manage data archiving procedures and methodologies
  • list event sources and associated identity
  • detail event recording, analyzing event data, and aspects of storage and protection of event data
  • describe COC as it applies to data hosted on the cloud and understand how nonrepudiation is handled within a cloud hosting environment
  • describe common storage media threats, data protection techniques and failover architectures

Cloud System Security - Platform and Infrastructure

  • start the course
  • recognize the physical and virtual components within a cloud platform
  • define the networking and communication architecture of a cloud platform
  • define the compute service as it applies to the cloud platform
  • define the available virtualization options within a cloud platform
  • define storage and Storage as a Service (STaaS) within a cloud platform
  • describe and define risk as it applies to cloud services and underlying infrastructure, and adopt a risk analysis and management posture regarding cloud computing
  • describe and define known threats and attack vectors associated with cloud services and infrastructure
  • define virtualization-specific areas of focus with reference to security such as Hypervisor, VM files, and VM deletion
  • define and describe threat mitigation and attack handling techniques including ACL, designing in security, and adopting security measures
  • design and deploy physical and environmental security mechanisms
  • design and deploy security mechanisms to mitigate failure and threats, and avoid attack to the systems and communication hardware within a cloud platform
  • describe and manage identification, system, and data access in addition to authentication and authority within the cloud service
  • define auditing techniques and responsibilities within key areas of focus, including asset access, asset status, deletions, archiving, and reporting
  • describe and deploy DR and BC with respect to the cloud environment
  • describe and deploy DR and BC with respect to operations and business requirements
  • define and describe relevant DR and BC strategies
  • deploy DR and BC mechanisms
  • describe cloud device platforms and associated risks; discuss vulnerabilities within the virtualized infrastructure and attack vectors in general; and finally, discuss available disaster recovery architectures

Cloud Application Security

  • start the course
  • describe awareness and required training to develop an understanding of security focus areas relating to cloud applications
  • describe common issues relating to the development of cloud-based applications
  • describe common security issues relating to Cloud-hosted applications. Define the importance of foreknowledge regarding cloud application vulnerabilities and OWASP research
  • describe the application development life cycle with reference to cloud security
  • define functional testing as it relates to cloud-based application software
  • describe application testing with reference to cloud security. Describe SAST, DAST, and Penetrative Testing methodologies
  • outline the deployment of verified and approved APIs
  • describe the significance of surfacing the Supply-Chain with reference to cloud-hosted application software
  • define the mechanics, phases, and methodologies associated with application development
  • define how business requirements impact application development and the application throughout its lifetime
  • describe requirements and best practices for application configuration, and version management
  • define known threats and security issues that must be considered when developing cloud-hosted applications
  • define cloud-specific risks, and assimilate to mitigate threat within the design and during the operational phases of cloud-hosted applications
  • define how to analyze security threats and risks to an application
  • describe associated hardware/software components related to the security of cloud applications
  • define security protocols and measures associated with application data and data packet protection
  • describe isolation and sandboxing as it applies to cloud-hosted applications
  • describe the virtualization technology associated with cloud-hosted applications
  • describe Federated Identity and its deployment for cloud-hosted application authorization and access
  • define Single Sign-On/Off and its place within the cloud service security framework
  • describe and deploy Multifactor Authentication within a cloud service security framework
  • describe the phase of NIST's SDLC and define the difference between SDLF and S-SDLC

Cloud Service – Operations Management

  • start the course
  • define the design and implementation of logical elements of a proposed cloud service, including tenant isolation, access control, etc.
  • define the design and implementation of physical aspects of a proposed cloud service, including build or rent, location, management
  • describe the deployment and configuration of secured hardware with reference to BIOS, TPM, storage controllers, network controllers, etc.
  • define local machine access controls, and deployment of secure KVM switches
  • define techniques to secure network configuration and network support tools, including VLAN, TLS, DHCP and Authorized DHCP, DNS and Secure DNS, and IPSec
  • define techniques to secure the datacenter network and network access
  • define operating system hardening techniques with reference to OS: Windows, Linux, VMware, etc.
  • describe standalone and cluster host availability, backup, and failover, in addition to load balancing, dynamic optimization (DO), maintenance mode, and general high availability best practice adoption
  • describe the mechanisms for deploying Remote Access, including RDP, Secure Terminal Access
  • define the preservation of OS compliance with reference to monitoring and remediation
  • describe requirements and best practices with reference to fixes, patches, and updates
  • describe the requirement to continuously monitor and report on host component performance
  • describe the implementation of backup and restore policy with reference to cloud components, including data, configurations, etc.
  • define the deployment of network security-related controls, including firewalls, IDS, IPS, honeypot deployment, and vulnerability assessment/threat mitigation
  • define requirement for hardware event logging and reporting #1
  • define requirement for hardware event logging and reporting #2
  • describe host maintenance, scheduled preventive hardware maintenance, planned backups, hardware redundancy strategy, and notification/continuity
  • define the secure configuration of the virtual hardware, including network, storage and elastic expansion, memory, and external devices
  • describe the tools associated with VM OS installation on the physical host
  • describe compliance and control principles and standards: Change and Continuity Management
  • describe compliance and control principles and standards: Information Security, Service Improvement, Incident, Problem, and Release Management
  • describe compliance and control principles and standards: Configuration, Service Level, Availability and Capacity Management
  • describe and implement risk management
  • describe best practice approach to the deployment of proactive and reactive forensic data collection methods
  • describe and deploy best practice systems that guarantee essential and open contact and communications with cloud system providers, vendors, cloud system consumers and users, partners, auditors, regulators, and any other key stakeholders
  • detail datacenter operational design factors and define network component security control, define four system management categories and the NIST Forensic Evidence process, describe Cloud Service Actor communications

Cloud Service – Legal and Compliance

  • start the course
  • describe areas of legislative conflict with respect to cloud-hosted services
  • appraise legal risks associated with the provision of cloud services
  • describe how to apply control policy with respect to legal requirements
  • define eDiscovery and its impact on cloud service provision, requirements, and responsibilities
  • define the legislative requirement related to forensic data management
  • define PII, outline the difference between contractual and regulated PII, and describe the differences between confidentiality, integrity, availability, and privacy
  • describe the international variations that apply to PII and data privacy
  • define audit operations and auditor tasks with reference to cloud computing services, and outline distributed service issues with respect to auditing
  • describe audit requirements, scope, and reporting as they apply to cloud services
  • outline challenges associated with auditing the virtualized infrastructure of a cloud-based service
  • define audit reporting against a background of prevailing standards, and outline audit scope and audit regulation requirements with respect to highly regulated industries
  • define gap analysis and audit planning with reference to cloud service auditing
  • describe the deployment of Internal Information Security Management (ISMS) and Security Control Systems (ISCS) - ISO 27000 Series
  • describe the deployment of ISMS and ISCS with reference to ISO, ITIL, and NIST
  • describe issues with obtaining details of a CSP's risk management data
  • describe issues surrounding the importance of data ownership and define interrelationships between owner and custodian regarding responsibility
  • outline measures to mitigate risk
  • outline the integration of information security and risk management activities into a formal framework
  • outline the metrics that quantify and measure the extent of a risk associated with cloud service elements and components
  • define key areas of focus for risk assessment, including supplier, vendors, services, and so on
  • describe business requirements with reference to the Service Level Agreement, GAAP guidelines, and standards
  • describe the vendor and provider vetting process with reference to certifications, audit and event reporting, accreditations, and so on
  • describe the deployment of supply-chain management in the context of cloud services
  • detail current legislation relating to PII and define a number of widely adopted auditing compliance frameworks and report types; outline available auditing standards and frameworks, describe ISMS and applicable standards and guidance, and detail a number of cloud service adoption risks; and finally, outline some detail on available cloud service-related risk management frameworks

We offer several optional training products to enhance your learning experience. If you are planning to use our training course in preparation for an official exam, then we highly recommend using these optional training products to ensure an optimal learning experience. Sometimes only a practice exam and/or a practice lab is available.

Optional practice exam (trial exam)

To supplement this training course you may add a special practice exam. This practice exam comprises a number of trial exams which are very similar to the real exam, both in terms of form and content. This is the ultimate way to test whether you are ready for the exam. 

Optional practice lab

To supplement this training course you may add a special practice lab. You perform the tasks on real hardware and/or software applicable to your lab. The labs are fully hosted in our cloud. The only thing you need to use our practice labs is a web browser. In the LiveLab environment you will find exercises which you can start immediately. The lab environments consist of complete networks containing, for example, clients, servers, etc. This is the ultimate way to gain extensive hands-on experience.

Why Icttrainingen

With our training concept you save up to 80% on training courses

Start learning whenever you want. You set your own pace

Exchange ideas with fellow students and establish yourself as an authority in your field.

Receive the official Icttrainingen.nl certificate after successfully completing your course

Gain insight into detailed progress information for yourself or your employees

Acquire knowledge through interactive e-learning and extensive practical assignments by certified instructors

Order process

Once we have processed your order and payment, we will give you access to your courses. If you still have any questions about our ordering process, please refer to the button below.

Frequently asked questions

What is included?

Certificate of participation: Yes
Monitor progress: Yes
Award-winning e-learning: Yes
Mobile ready: Yes
Sharing knowledge: Unlimited access to our IT professionals community
Study advice: Our consultants are here to advise you on your study career and options
Study materials: Certified teachers with in-depth knowledge of the subject
Service: World's best service

Platform

After ordering your training you get access to our innovative learning platform. Here you will find all the courses you have purchased (or followed), you can create students if needed, and you get access to detailed progress information.

Life Long Learning

Follow multiple courses? Read more about our Life Long Learning concept

Contact us

Need training advice? Contact us!