Jump to Shopping Cart Continue shopping
CL08: Cloud Security Alliance CCSK Plus Certification
Duration: 3 Days
The 3-day Cloud Computing Security Knowledge class provides students a comprehensive review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK v3.0 certificate exam. Starting with a detailed description of cloud computing, the course covers all major domains in the Guidance v3.0 document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA). In addition to covering the above guidance and recommendations, the course continues building cloud security knowledge by performing extensive hands-on activities. Students will learn to apply their knowledge as they perform a series of exercises as they complete a scenario bringing a fictional organization securely into the cloud.
Hands-on labs and theory
Your Registration Includes:
- Certified course manual
- Training from the leaders in cloud security training in North America!
- CCSK Certification Exam Registration
- Official Cloud Security Alliance Training on Security Guidance for Critical Areas Of Focus in Cloud Computing
- Exclusive access to CCSK exam prep questions – Over 200 questions that test your knowledge before taking the real exam
- Pre-paid access to Amazon Web Services – No credit card required
About the CCSK Certification exam
- Exam is included (2 attempts)
- The CCSK exam is a 90 minute exam that consists of 60 questions spread across the 14 CSA domains.
- Exam can be taken after the course from home or office
- Detailed exam information can be found at – https://cloudsecurityalliance.org/wp-content/uploads/2013/02/CCSK-Prep-Guide-V3.pdf
The intended audience for our training is people who wish to learn more about cloud computing in general, and the security aspects that require addressing prior to deployment of any system in a public or private cloud:
- IT Auditors
- IT Security Professionals
- Business Analysts
- System Architects
- Business Owners
- Business Unit Stakeholders
What is the Cloud Security Alliance?
The Cloud Security Alliance (CSA) is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders such as Google, Microsoft Amazon Web Services, Cisco, Oracle and AT&T. Learn more.
An overview of Core NIST Model of Cloud Computing
- What is the Cloud
- What is the difference between Virtualization and the Cloud?
Deployment Models and Responsibilities
- Where does the provider’s responsibility end and yours begins
- Public, Private and Hybrid Models
- Security MUST be addressed
- Responsibility is not always outsourced when leveraging Cloud
Choosing Cloud Providers
- A brief overview of items to look for, such as reviewable audits (ISO 27001, SSAE16/SAS70)
- Analyzing who is in charge of what from a security perspective based on the service Model (SaaS, IaaS, PaaS)
- An overview of incident response issues and responsibilities in the cloud
- Who is responsible for what?
- Who owns Incident Response?
Data Security Lifecycle in the Cloud
- The various stages of the Data Security Lifecycle
- The controls and technologies that can be used to address all stages of the lifecycle
Cloud Risk Management
- The differences between traditional Risk Management and Risk Management in the Cloud
Security Tradeoffs cloud Vs. Traditional IT
- The differences between security in the cloud
- Traditional server security
- Virtualized servers.
- Legal, jurisdictional, contractual, regulatory material
- What can be audited, what cannot
- What needs to change when using public providers?
- The changes in Change Management when applications and/or services are run in the cloud.
- Types of Cloud Storage available
- SAN technology through to Storage as a Service.
- Streamlining accounts and passwords used by employees
- Provisioning and de-provisioning of access
- Standards used in private and public clouds
Creating and Securing Private Clouds
- Define Private Clouds
- Review security considerations
- Key design considerations
Cloud Security Alliance Training – Hands-On Labs
Performing a Cloud-Based Risk Assessment
- Group work to analyze and make recommendations on security issues for our fictional research company looking to move to the cloud.
Using Cloud Services
- IaaS architecture
- Access a public cloud provider to securely create own cloud-based servers
Encryption in the Cloud
- Available encryption architectures along with strengths and weaknesses
- Hands-on implementation of cloud encryption is performed
- Controls available
- Working with application
- Network security
- Securely creating snapshots and Identity
- Access Management in the cloud.
- Learn about the major vendors available today
- understand security issues surrounding a Private Cloud implementation
- students will build their own Private Cloud using Openstack using their own virtual machines.
“This course is conducted and delivered by Intrinsec, who holds a Cloud Security Alliance® (CSA) Training Partnership. CTC TrainCanada acts as a service provider to Intrinsec.”