Cloud Computing Security Knowledge (CCSK)

Sale!

Leading the way

Cloud Computing Security Knowledge (CCSK)

| Total Course Video Hours:  9 Hrs 20 Min
|  Videos: 62
|  Course Access: 12 Months Unlimited Access
|  Study Method: Online Video Lessons
|  Course Type: Certificate Course
|  Award: Cyber Studies Institute
|  International Certification (optional): Cloud Computing Security Knowledge (CCSK)

Course Fee:

R1600,00

Current Special Ends in:

Days
Hours
Minutes
Seconds

Overview

The Cloud Computing Security Knowledge class provides students thorough coverage of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. The course begins with a detailed description of cloud computing and then expands into all major domains such as; Governance and Risk Management, the Cloud Architectural Framework and Business Continuity/Disaster Recovery Upon completing this course, the students will be experts in the following topics:

  • Pass the CCSK Exam Understanding cloud computing security challenges
  • Cloud computing security controls recommendation
  • Elasticity
  • Resiliency and Measured Usage
  • Understand the cloud computing architectural framework

Curriculum

1: Architecture
„ NIST Definitions
„ Essential Characteristics
„ Service Models
„ Deployment Models
„ Multi-Tenancy
„ CSA Cloud Reference Model
„ Jericho Cloud Cube Model
„ Cloud Security Reference Model
„ Cloud Service Brokers
„ Service Level Agreements

 

2: Governance and Enterprise Risk Management
„ Contractual Security Requirements
„ Enterprise and Information Risk Management
„ Third Party Management Recommendations
„ Supply chain examination
„ Use of Cost Savings for Cloud

 

3: Legal Issues: Contracts and Electronic Discovery
„ Consideration of cloud-related issues in three dimensions
„ eDiscovery considerations
„ Jurisdictions and data locations
„ Liability for activities of subcontractors
„ Due diligence responsibility
„ Federal Rules of Civil Procedure and electronically stored
information
„ Metadata
„ Litigation hold

 

4: Compliance and Audit Management
„ Definition of Compliance
„ Right to audit
„ Compliance impact on cloud contracts
„ Audit scope and compliance scope
„ Compliance analysis requirements
„ Auditor requirements

5: Information Management and Data Security
„ Six phases of the Data Security Lifecycle and their key elements
„ Volume storage
„ Object storage
„ Logical vs physical locations of data
„ Three valid options for protecting data
„ Data Loss Prevention
„ Detection Data Migration to the Cloud
„ Encryption in IaaS, PaaS & SaaS
„ Database Activity Monitoring and File Activity Monitoring
„ Data Backup
„ Data Dispersion
„ Data Fragmentation

 

6: Interoperability and Portability
„ Definitions of Portability and Interoperability
„ Virtualization impacts on Portability and Interoperability
„ SAML and WS-Security
„ Size of Data Sets
„ Lock-In considerations by IaaS, PaaS & SaaS delivery models
„ Mitigating hardware compatibility issues

 

7: Traditional Security, Business Continuity, and Disaster
Recovery
„ Four D’s of perimeter security
„ Cloud backup and disaster recovery services
„ Customer due diligence related to BCM/DR
„ Business Continuity Management/Disaster Recovery due
diligence
„ Restoration Plan
„ Physical location of cloud provider

 

8: Data Center Operations
„ Relation to Cloud Controls Matrix
„ Queries run by data center operators
„ Technical aspects of a Provider’s data center operations for
customers
„ Logging and report generation in multi-site clouds

 

9: Incident Response
„ Factor allowing for more efficient and effective containment
and recovery in a cloud
„ Main data source for detection and analysis of an incident
„ Investigating and containing an incident in an Infrastructure
as a Service environment
„ Reducing the occurrence of application level incidents
„ How often should incident response testing occur
„ Offline analysis of potential incidents

10: Application Security
„ Identity, entitlement, and access management (IdEA)
„ SDLC impact and implications
„ Differences in S-P-I models
„ Consideration when performing a remote vulnerability test of a cloud-based application
„ Categories of security monitoring for applications
„ Entitlement matrix

 

11: Encryption and Key Management
„ Adequate encryption protection of data in the cloud
„ Key management best practices, location of keys, keys per user
„ Relationship to tokenization, masking, anonymization and cloud database controls

 

12: Identity, Entitlement, and Access Management
„ Relationship between identities and attributes
„ Identity Federation
„ Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
„ SAML and WS-Federation
„ Provisioning and authoritative sources

 

13: Virtualization
„ Security concerns for hypervisor architecture
„ VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
„ In-Motion VM characteristics that can create a serious complexity for audits
„ How can virtual machine communications bypass network security controls
„ VM attack surfaces
„ Compartmentalization of VMs

 

14: Security as a Service
„ 10 categories
„ Barriers to developing full confidence in security as a service (SECaaS)
„ Deployment of Security as a Service in a regulated industry prior SLA
„ Logging and reporting implications
„ How can web security as a service be deployed
„ What measures do Security as a Service providers take to earn the trust of their customers
„ ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
„ Isolation failure
„ Economic Denial of Service
„ Licensing Risks
„ VM hopping
„ Five key legal issues common across all scenarios
„ Top security risks in ENISA research
„ OVF
„ Underlying vulnerability in Loss of Governance
„ User provisioning vulnerability
„ Risk concerns of a cloud provider being acquired
„ Security benefits of cloud

10 reviews for Cloud Computing Security Knowledge (CCSK)

  1. Nomalanga

    The knowledge I gained from this course will stay with me forever. Thank you!

  2. Zain

    Thank you for helping me get my dream job

  3. Kato

    I’ve never enjoyed learning as much as I did in this course.

  4. Siphosethu

    The course provided a solid foundation in the subject matter, equipping me with the knowledge I needed to excel in my field.

  5. Henry

    Thank you for providing such an incredible learning experience.

  6. Nokuthula

    The course had a logical progression, building on previous concepts and gradually increasing difficulty.

  7. Mthokozisi

    I liked the community aspect of the course, as I could interact with other learners and exchange ideas.

  8. Ayanda

    This course has been a game-changer for me.

  9. Hlumelo

    You’ve set the bar incredibly high. Best course ever!

  10. Ziyanda

    This course has been a game-changer for me.

Add a review

Your email address will not be published. Required fields are marked *

Excited to Study Enroll Qualify

If you are ready to take the next step, click on the “Enroll Now” button below or “Contact us now” on this course for a detailed course outline or if you have any questions. An expert course adviser is standing by to assist you.

CompTIA Authorized Partner

Cyber Studies Institute (Pty) Ltd is proud to be an Official CompTIA Authorized Partner. Ensuring that you receive the best training in the world.

CompTIA Authorized Partner

How does studying with CSI work?

Click here to read how the process of studying at CSI work.