Course Overview

To ensure that Cloud Security professionals have the knowledge, skills, and capabilities required in Cloud security design, implementation, architecture, operations, controls, compliance with regulations and dealing with cloud data security and protection as well as infrastructure security

Course Outlines

• Cloud Concepts, Architecture and Design
  - Understand Cloud Computing Concepts
  - Describe Cloud Reference Architecture
  -Understand Security Concepts Relevant to Cloud Computing
  -Understand Design Principles of Secure Cloud Computing
  -Evaluate Cloud Service Providers
• Cloud Data Security
  - Describe Cloud Data Concepts
  - Design and Implement Cloud Data Storage Architectures
  - Design and Apply Data Security Technologies and Strategies
  - Implement Data Discovery
  - Implement Data Classification
  - Design and Implement Information Rights Management (IRM)
  - Plan and Implement Data Retention, Deletion and Archieving Policies
  - Design and Implement Auditability, Traceability and Accountability of Data Events
• Cloud Platform & Infrastructure Security
  - Comprehend Cloud Infrastructure Components
  -Design a Secure Data Center
  - Analyze Risks Associated with Cloud Infrastructure
  - Design and Plan Security Controls
   - Plan Disaster Recovery (DR) and Business Continuity (BC) 
• Cloud Application Security
  - Advocate Training and Awareness for Application Security
  - Describe the Secure Software Development Life Cycle (SDLC) Process
  - Apply the Secure Software Development Life Cycle (SDLC)
  - Apply Cloud Software Assurance and Validation
  - Use Verified Secure Software
  - Comprehend the Specifics of Cloud Application Architecture
  - Design Appropriate Identity and Access Management (IAM) Solutions
• Cloud Security Operations
  - Implement and Build Physical and Logical Infrastructure for Cloud Environment
  - Operate Physical and Logical Infrastructure for Cloud Environment
  - Manage Physical and Logical Infrastructure for Cloud Environment
  - Implement Operational Controls and Standards (e.g., Information Technology Infrastructure library (ITIL), International Organization for Standardization/International Electro technical Commission (ISO/IEC) 20000-1)
  - Support Digital Forensics
  - Manage Communication with Relevant Parties
  - Manage Security Operations
• Legal, Risk and Compliance
  - Articulate Legal Requirements and Unique Risks within the Cloud Environment
  - Understand Privacy Issues
  - Understand Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
  - Understand Implications of Cloud to Enterprise Risk Management
  - Understand Outsourcing and Cloud Contract Design
  
  
  
  

Course Objectives

After CCSP we will be able to: 

• Cloud Reference Structure Description - Cloud Computing Activities 
• Understand the cloud service (for example, types of application capabilities, types of platform capabilities, types of infrastructure capabilities
• Apply cloud publishing models ( for example, Public, Private, Mixed, Community)
• Data and media sterilization (for example, writing, erasing encryption)
• Network security (for example, network security groups)
• Secure virtualization (for example, Hypervisor Security, container security)
• Understanding the design principles for secure cloud computing - the secure cloud data life cycle
• Define functional safety requirements (such as portability, interoperability, and vendor lock)
• Cloud service providers Assessment - Verification of standards (for example, International organization for standardization / International electro technical commission (ISO / IEC) 27017, Payment Card Industry Data Security Standard (PCI DSS)
• Design and implementation of cloud data storage structures - Types of storage (for example, long-term, ephemeral, raw disk)
• Design and implementation of data security technologies and strategies - encryption and key management
• Data loss prevention (DLP) and interference
• Deselect data (such as cloaking)
• Data classification application - mapping
• IRM design and implementation - objectives (eg. data rights, savings, access models)
• Plan and implement data retention, deletion and archiving policies - data retention policies
• Procedures for deleting data and mechanisms and archiving data
• Designing and implementing audit traceability and accountability - defining event sources and identify attribution requirements
• Record, store and analyz data events
• Understanding the components of cloud infrastructure - physical environment
• Safe data center design - logical design (for example, tenant partitioning, access control)
• Cloud infrastructure risk analysis - risk assessment and analysis, system protection, communications, and virtualization systems
• Development of a Disaster Recovery (DR) and Business Continuity (BC) Plan - Cloud-related risks
• 
  
• 
  

Course Prerequisites

There are no prerequisites to take the CCSP course.

Course Schedule

Course Delivery Format

1. In-Person Training:

Benefits:

Personal Interaction: Participants can interact with the instructor and fellow learners, fostering a sense of community.

Immediate Feedback: Instructors can provide real-time feedback, addressing questions and concerns on the spot.

Hands-on Activities: Practical exercises and group activities can be conducted more effectively in person.

1. Online Training:

Benefits:

Flexibility: Learners can access the course content at their own pace and time, accommodating diverse schedules.

Cost-Effective: Eliminates the need for travel and accommodation expenses, making it more economical.

Scalability: Can accommodate a large number of participants simultaneously, making it suitable for widespread audiences.

1. Blended Learning (Combination of In-Person and Online):

Benefits:

Flexibility: Combines the advantages of both in-person and online formats, offering a balance between structure and autonomy.

Cost-Efficiency: Reduces the need for extensive in-person sessions, saving on travel and venue costs.

Adaptability: Can cater to diverse learning styles by incorporating various modes of instruction.

1. Virtual Classrooms:

Benefits:

Real-Time Interaction: Allows for live Q&A sessions, discussions, and engagement with participants.

Accessibility: Participants from different locations can join without the need for physical presence.

Recording Options: Recordings can be made available for participants who may have missed the live session.

1. Self-Paced Learning (eLearning Modules, Videos):

Benefits:

Individualized Learning: Participants can progress at their speed, revisiting content as needed.

Consistency: Ensures uniform delivery of content to all participants.

24/7 Accessibility: Learners can access materials whenever and wherever is convenient for them.

1. Customized Courses:

Relevant Content: Tailored to specific organizational goals.

Industry Focus: Incorporates real industry challenges.

Adapted Learning: Matches varied skill levels of participants.

Focused Skills: Targets key competencies for job success.

Cultural Sensitivity: Respects diverse backgrounds within the organization.

Engaging Content: Uses relatable examples and scenarios.

Flexible Delivery: Adaptable to different learning formats.

Measurable Success: Sets clear objectives for easy evaluation.

Continuous Improvement: Uses feedback for ongoing enhancements.

Cost-Effective: Efficiently directs resources for maximum impact.