0345 4506120

Certificate of Cloud Security Knowledge

Our CCSK training is based on version 4 of the CCSK course and the version 4 exam. The Cloud Security Alliance’s Security Guidance for Critical Areas of Focus in Cloud Computing seeks to establish a stable, secure baseline for cloud operations. It acts as a practical, actionable roadmap to individuals looking to safely and securely adopt the cloud paradigm.

The Cloud Computing Security Knowledge class provides students a comprehensive schedule. Day one and two will offer a review of cloud security fundamentals and day three offers the practical behind the theory, in addition to the valuable knowledge, we will be preparing the student to take the Cloud Security Alliance CCSK certification exam.

Starting with a detailed description of cloud computing, the course covers all major domains in the Guidance version 4 document from the Cloud Security Alliance and the recommendations from the European Network and Information Security Agency (ENISA). Our Certificate of Cloud Security Knowledge CCSK training programme is geared towards security professionals looking to achieve the CCSK plus certification, also useful for anyone looking to expand their knowledge of cloud security.

This training is only intended for individuals preparing for the CCSK certification exam.

Reset

Learning Objectives

This training programme is geared towards security professionals looking to achieve the CCSK-plus certification, but is also useful for anyone looking to expand their knowledge of cloud security.

We recommend for all prospective CCSK PLUS students to have a basic understanding of IT security.

Pre-Requisites

We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management.

Course Content

This is a two day class that begins with the CCSK Basic training, over two days, followed by a third day, CCSK plus, of additional content and hands-on activities.

Domain 1 Cloud Computing Concepts and Architectures

  • Definitions of Cloud Computing
    • Service Models
    • Deployment Models
    • Reference and Architecture Models
    • Logical Model
  • Cloud Security Scope, Responsibilities, and Models
  • Areas of Critical Focus in Cloud Security

Domain 2: Governance and Enterprise Risk Management

  • Tools of Cloud Governance
  • Enterprise Risk Management in the Cloud
  • Effects of various Service and Deployment Models
  • Cloud Risk Trade-offs and Tools

Domain 3: Legal Issues, Contracts and Electronic Discovery

  • Legal Frameworks Governing Data Protection and Privacy
    • Cross-Border Data Transfer
    • Regional Considerations
  • Contracts and Provider Selection
    • Contracts
    • Due Diligence
    • Third-Party Audits and Attestations
  • Electronic Discovery
    • Data Custody
    • Data Preservation
    • Data Collection
    • Response to a Subpoena or Search Warrant

Domain 4: Compliance and Audit Management

  • Compliance in the Cloud
    • Compliance impact on cloud contracts
    • Compliance scope
    • Compliance analysis requirements

Audit Management in the Cloud

  • Right to audit
  • Audit scope
  • Auditor requirements

Domain 5: Information Governance

  • Governance Domains
  • Six phases of the Data Security Lifecycle and their key elements
  • Data Security Functions, Actors and Controls

Domain 6: Management Plane and Business Continuity

  • Business Continuity and Disaster Recovery in the Cloud
  • Architect for Failure
  • Management Plane Security

Domain 7: Infrastructure Security

  • Cloud Network Virtualization
  • Security Changes With Cloud Networking
  • Challenges of Virtual Appliances
  • SDN Security Benefits
  • Micro-segmentation and the Software Defined Perimeter
  • Hybrid Cloud Considerations
  • Cloud Compute and Workload Security

Domain 8: Virtualization and Containers

  • Mayor Virtualizations Categories
  • Network
  • Storage
  • Containers

Domain 9: Incident Response

  • Incident Response Lifecycle
  • How the Cloud Impacts IR

Domain 10: Application Security

  • Opportunities and Challenges
  • Secure Software Development Lifecycle
  • How Cloud Impacts Application Design and Architectures

The Rise and Role of DevOps

Domain 11: Data Security and Encryption

  • Data Security Controls
  • Cloud Data Storage Types
  • Managing Data Migrations to the Cloud
  • Securing Data in the Cloud

Domain 12: Identity, Entitlement, and Access Management

  • IAM Standards for Cloud Computing
  • Managing Users and Identities
  • Authentication and Credentials
  • Entitlement and Access Management

Domain 13: Security as a Service

  • Potential Benefits and Concerns of SecaaS
  • Major Categories of Security as a Service Offerings

Domain 14: Related Technologies

  • Big Data
  • Internet of Things
  • Mobile
  • Serverless Computing

Exams & Certification

The online examination is 60 questions and is  90 minutes long.

Privacy Notice

In order to provide you with the service requested we will need to retain and use your contact information in accordance with our Privacy Notice. If you choose to provide us with this information you explicitly consent to us using the information as necessary to provide the request service to you. If you do not agree please do not proceed to request the service from us.

Marketing Permissions

Would you like to receive our newsletter and other information on products and services which we think will be of interest to you by email. We will always treat your information with care and in accordance with our Privacy Notice. You are free to withdraw this permission at any time.

 

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Virtual Classroom

Virtual classrooms provide all the benefits of attending a classroom course without the need to arrange travel and accomodation. Please note that virtual courses are attended in real-time, commencing on a specified date.

Virtual Course Dates

Our Customers Include