Cloud Computing Security Knowledge (CCSK)

Area:
Nationwide Locations
Price: on request
Duration: 12 Months
Type:
Distance Learning and Online

Course description

Course Details

The Cloud Computing Security Knowledge course provides students with thorough coverage of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. The course begins with a detailed description of cloud computing and then expands into all major organisations such as; Governance and Risk Management, the Cloud Architectural Framework and Business Continuity/Disaster. The CCSK is an examination testing for a broad foundation of knowledge about cloud security, with topics ranging from architecture, governance, compliance, operations, encryption, virtualiszation and much more. The body of knowledge for the CCSK examination is the CSA Security Guidance for Critical Areas of Focus in Cloud Computing V3, English language version, and the ENISA report “Cloud Computing: Benefits, Risks and Recommendations for Information Security”.

This course includes the following features:

Instructor-led demonstrations and visual presentations that you to develop your skills based on real world scenarios.

Unlike a live class, you can fast-forward, repeat or rewind all your lectures. This gives you all the benefit of hands-on training with the flexibility of doing it around your schedule 24/7.

Flash Cards and Education Games are also provided throughout the course.

Practice exams prepare you for your exams. These exams are on average 100 questions to ensure you are 100% prepared if you are taking a certification exam.

You can also interact and collaborate with other students through our forums, student contributions and announcement features.

 

Who should complete this course?

 IT Managers, IT Security personnel, Programmers and Developers, IT Security Managers.

 People considering a career in IT Security Management.

 

Entry Requirements / Prerequisites

None. Recommended experience is six months’ direct experience in an IT environment, including IT-related tasks, responsibility, and decision making.

 

Topics covered in this Course

 

Architecture

NIST Definitions

Essential Characteristics

Service Models

Deployment Models

Multi-Tenancy

CSA Cloud Reference Model

Jericho Cloud Cube Model

Cloud Security Reference Model

Cloud Service Brokers

Service Level Agreements

 

Governance and Enterprise Risk Management

Contractual Security Requirements

Enterprise and Information Risk Management

Third Party Management Recommendations

Supply chain examination

Use of Cost Savings for Cloud

 

Legal Issues: Contracts and Electronic Discovery

Consideration of cloud-related issues in three dimensions

eDiscovery considerations

Jurisdictions and data locations

Liability for activities of subcontractors

Due diligence responsibility

Federal Rules of Civil Procedure and electronically stored information

Metadata

Litigation hold

Compliance and Audit Management

Definition of Compliance

Right to audit

 

Compliance impact on cloud contracts

Audit scope and compliance scope

Compliance analysis requirements

Auditor requirements

 

Information Management and Data Security

Six phases of the Data Security Lifecycle and their key elements

Volume storage

Object storage

Logical vs physical locations of data

Three valid options for protecting data

Data Loss Prevention

Detection Data Migration to the Cloud

Encryption in IaaS, PaaS and SaaS

Database Activity Monitoring and File Activity Monitoring

Data Backup

Data Dispersion

Data Fragmentation

 

Interoperability and Portability

Definitions of Portability and Interoperability

Virtualization impacts on Portability and Interoperability

SAML and WS-Security

Size of Data Sets

Lock-In considerations by IaaS, PaaS and SaaS delivery models

Mitigating hardware compatibility issues

 

Traditional Security, Business Continuity, and Disaster Recovery

Four D’s of perimeter security

Cloud backup and disaster recovery services

Customer due diligence related to BCM/DR

Business Continuity Management/Disaster Recovery due diligence

Restoration Plan

Physical location of cloud provider

 

Data Center Operations

Relation to Cloud Controls Matrix

Queries run by data center operators

Technical aspects of a Provider’s data center operations for customers

Logging and report generation in multi-site clouds

 

Incident Response

Factor allowing for more efficient and effective containment and recovery in a cloud

Main data source for detection and analysis of an incident

Investigating and containing an incident in an Infrastructure as a Service

environment

Reducing the occurrence of application level incidents

How often should incident response testing occur

Offline analysis of potential incidents

 

Application Security

Identity, entitlement, and access management (IdEA)

SDLC impact and implications

Differences in S-P-I models

Consideration when performing a remote vulnerability test of a cloud-based

application

Categories of security monitoring for applications

Entitlement matrix

 

Encryption and Key Management

Adequate encryption protection of data in the cloud

Key management best practices, location of keys, keys per user

Relationship to tokenization, masking and cloud database controls

 

Identity, Entitlement, and Access Management

Relationship between identities and attributes

Identity Federation

Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)

SAML and WS-Federation

Provisioning and authoritative sources

 

Virtualization

Security concerns for hypervisor architecture

VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps

In-Motion VM characteristics that can create a serious complexity for audits

How can virtual machine communications bypass network security controls

VM attack surfaces

Compartmentalization of VMs

 

Security as a Service

10 categories

Barriers to developing full confidence in security as a service (SECaaS)

Deployment of Security as a Service in a regulated industry prior SLA

Logging and reporting implications

How can web security as a service be deployed

What measures do Security as a Service providers take to earn the trust of their customers

ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security

Isolation failure

Economic Denial of Service

Licensing Risks

VM hopping

Five key legal issues common across all scenarios

Top security risks in ENISA research

OVF

Underlying vulnerability in Loss of Governance

User provisioning vulnerability

Risk concerns of a cloud provider being acquired

Security benefits of cloud

Risks

Data controller vs data processor definitions in Infrastructure as a Service (IaaS), who is responsible for guest systems monitoring.

 

Assessment

Once you successfully pass the programme, you will receive a Certificate in Cloud Security from CMIT.

You may optionally take an online exam to receive CCSK certification. This is assessed through a computer-based multiple choice exam. Exam fees are not included in the course price.

 

Technical Requirements

Broadband internet connection.

Browser – we recommend Chrome or Safari for Tablet or Apple Mac; and Firefox or Internet Explorer for PC hardware.

Operating System – PC (Windows XP, Vista, 7 or 8), Mac or Android.

 

Accreditation

You may optionally take exams to receive CCSK Certification. This is assessed through computer-based multiple choice exams (CSA-CCSK). Exam fees are not included in the course price.


Course Enquiry

* I have read & agree to Findacourse privacy policy
Receive monthly updates about courses & colleges (unsubscribe at any time)