Cloud Computing Security Knowledge (CCSK)
Vocational qualification
Online
Description
-
Type
Vocational qualification
-
Methodology
Online
-
Start date
Different dates available
As cloud computing shows itself to be the future of information technology, several studies have pointed to the necessity of addressing the IT industry's skills gap and training professionals in both cloud computing and security.
Cloud computing is being aggressively adopted on a global basis as businesses seek to reduce costs and improve their agility. And one of the critical needs of the industry is to provide training and certification of professionals to assure that cloud computing is implemented responsibly, and with the appropriate security controls.
My Training Academy'sCloud Computing Security Knowledgecourse provides students thorough coverage of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. The course begins with a detailed description of Cloud Computing and then expands into all major domains such as: Governance and Risk Management, the Cloud Architectural Framework and Business Continuity/Disaster Recovery.The course is of particular interest to:
IT infrastructure managers who need to understand and plan for Cloud adoption.
IT professionals who need to better understand Cloud technologies.
IT systems engineers who need to understand Cloud configuration, deployment and support.
Professionals working within the Cloud IT sector who want to achieve the vendor neutral Cloud Security CCSK qualification.
Important information
Price for Emagister users:
Facilities
Location
Start date
Start date
About this course
Upon completing this course, the students will be experts in the following topics:
Pass the CCSK Exam
Understanding cloud computing security challenges
Cloud computing security controls recommendation
Elasticity, Resiliency and Measured Usage
Understand the cloud computing architectural framework
The great thing about our Cloud Computing Security Knowledge course is that you are in charge of your start and finish date, with no deadline pressures!
We train our students to the very best standards, offering expert instructor-led training via our state of the art...
Reviews
Subjects
- Business Continuity
- Risk
- Monitoring
- Compliance
- Risk Management
- Governance
- Audit
- Computing
- Hacking
- Data Protection
- Computer Engineering
- Systems
- Industry
- IT risk
- IT Security
- Data security
- Computer Systems
- IT Systems
- Computer Science
- Network Engineering
- Computering
Course programme
NIST Definitions
Essential Characteristics
Service Models
Deployment Models
Multi-Tenancy
CSA Cloud Reference Model
Jericho Cloud Cube Model
Cloud Security Reference Model
Cloud Service Brokers
Service Level Agreements2: Governance and Enterprise Risk Management
Contractual Security Requirements
Enterprise and Information Risk Management
Third Party Management Recommendations
Supply chain examination
Use of Cost Savings for Cloud3: Legal Issues: Contracts and Electronic Discovery
Consideration of cloud-related issues in three dimensions
eDiscovery considerations
Jurisdictions and data locations
Liability for activities of subcontractors
Due diligence responsibility
Federal Rules of Civil Procedure and electronically stored information
Metadata
Litigation hold4: Compliance and Audit Management
Definition of Compliance
Right to audit
Compliance impact on cloud contracts
Audit scope and compliance scope
Compliance analysis requirements
Auditor requirements5: Information Management and Data Security
Six phases of the Data Security Lifecycle and their key elements
Volume storage
Object storage
Logical vs physical locations of data
Three valid options for protecting data
Data Loss Prevention
Detection Data Migration to the Cloud
Encryption in IaaS, PaaS & SaaS
Database Activity Monitoring and File Activity Monitoring
Data Backup
Data Dispersion
Data Fragmentation6: Interoperability and Portability
Definitions of Portability and Interoperability
Virtualization impacts on Portability and Interoperability
SAML and WS-Security
Size of Data Sets
Lock-In considerations by IaaS, PaaS & SaaS delivery models
Mitigating hardware compatibility issues7: Traditional Security, Business Continuity, and Disaster Recovery
Four D's of perimeter security
Cloud backup and disaster recovery services
Customer due diligence related to BCM/DR
Business Continuity Management/Disaster Recovery due diligence
Restoration Plan
Physical location of cloud provider8: Data Center Operations
Relation to Cloud Controls Matrix
Queries run by data centre operators
Technical aspects of a Provider's data centre operations for customers
Logging and report generation in multi-site clouds9: Incident Response
Factor allowing for more efficient and effective containment and recovery in a cloud
Main data source for detection and analysis of an incident
Investigating and containing an incident in an Infrastructure as a Service environment
Reducing the occurrence of application level incidents
How often should incident response testing occur
Offline analysis of potential incidents10: Application Security
Identity, entitlement, and access management (IdEA)
SDLC impact and implications
Differences in S-P-I models
Consideration when performing a remote vulnerability test of a cloud-based application
Categories of security monitoring for applications
Entitlement matrix11: Encryption and Key Management
Adequate encryption protection of data in the cloud
Key management best practices, location of keys, keys per user
Relationship to tokenization, masking, anonymization and cloud database controls12: Identity, Entitlement, and Access Management
Relationship between identities and attributes
Identity Federation
Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
SAML and WS-Federation
Provisioning and authoritative sources13: Virtualization
Security concerns for hypervisor architecture
VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
In-Motion VM characteristics that can create a serious complexity for audits
How can virtual machine communications bypass network security controls?
VM attack surfaces
Compartmentalization of VMs14: Security as a Service
10 categories
Barriers to developing full confidence in security as a service (SECaaS)
Deployment of Security as a Service in a regulated industry prior SLA
Logging and reporting implications
How can web security as a service be deployed?
What measures do Security as a Service provider take to earn the trust of their customers?
ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
Isolation failure
Economic Denial of Service
Licensing Risks
VM hopping
Five key legal issues common across all scenarios
Top security risks in ENISA research
OVF
Underlying vulnerability in Loss of Governance
User provisioning vulnerability
Risk concerns of a cloud provider being acquired
Security benefits of cloud
Risks
Data controller vs data processor definitions in Infrastructure as a Service (IaaS), who is responsible for guest systems monitoringMULTI-USER TRAINING PACKAGESThis online course can be integrated in your professional training plan. M.T.A. can provide you with a tailored learning solution, that can be customised to meet each team member's requirements. Choosing a multi-user training package, you can get significant discounts for 5+ users and even further discounts for 10+ users Ð and an excellent return on your investment.
Cloud Computing Security Knowledge (CCSK)