CCSP – Certified Cloud Security Professional Seminar and Exam Prep

$2,895.00

Whether you are preparing to take the CCSP exam or simply want to learn more about the security implications of the cloud, this 5-day class is taught by internationally recognized CISSP/CCSP security expert Terumi Laskowsky. For more information about Terumi, see the linked instructor profile. This course covers 100% of the CCSP exam objectives. The course includes the course book, practice exams, electronic flash cards, and a searchable key-term glossary. If you are pursuing certification, we also offer exam insurance.

Oct 23rd class – SOLD OUT




Description

Course: CCSP – Certified Cloud Security Professional Seminar and Exam Prep

About this course


The cost of the course is budget friendly and you can attend live in Redmond, WA or remotely from your home or office.


Audience Profile

This course targets IT professionals interested in furthering their professional development, studying for the CCSP exam, and learning about cloud computing and security.

The CCSP credential is designed for experienced information security professionals with at least five years of full-time IT experience, including three years of information security and at least one year of cloud security experience. The CCSP credential is suitable for mid-level to advanced professionals involved with IT architecture, web and cloud security engineering, information security, governance, risk and compliance, and even IT auditing.

At Course Completion

Attendees of this course will leave with a solid foundation for taking and passing the Certified Cloud Security Professional (CCSP) exam.

Course Outline

Module 1: Architectural Concepts – Part 1

This Module focuses on the concepts in the first half of Chapter 1 of the CCSP Study Guide:

  • Introduction: The CCSP is not an introductory certificate; it is for experienced practitioners.
    • Basic understanding of IT and security concepts is expected and assumed.
  • Understand Cloud Computing Concepts
    • Definitions (e.g., NIST)
      • Broad network access
      • On-demand services
      • Resource pooling
      • Metered service
    • Business Requirements
      • Tradeoff between security and operations
      • Functional vs. non-functional requirements
      • Gathering requirements
        • Interviewing functional managers
        • Interviewing users
        • Interviewing senior management
        • Customer response surveys
        • Network traffic collection
        • Asset inventory
        • Financial record collection
        • Insurance record collection
        • Marketing data collection
        • Regulatory mandates collection
      • Analyze requirements (the Business Impact Analysis (BIA))
        • Tangible and intangible assets
        • Processes
        • People

Module 2: Architectural Concepts – Part 2

  • Considering cloud migration
  • Quantifying costs/benefits
    • Reduction in capital expenditures
    • Reduction in personnel costs
    • Reduction in operational costs
    • Transferring some regulatory costs
      • Introduce concepts: PII and SLA
    • Reduction in costs for data archival/backups
  • Intended impact
  • Vernacular
    • Elasticity
    • Scalability
    • Simplicity
  • Explaining: the difference between a “cloud customer” and a “cloud user”
  • Cloud computing service models
    • IaaS
    • PaaS
    • SaaS
  • Cloud deployment models
    • Public
    • Private
    • Community
    • Hybrid
  • Cloud computing roles and responsibilities
    • Cloud service provider
    • Cloud customer
    • Cloud access security broker
    • Regulators
  • Cloud computing definitions (review list in text)
  • Foundational concepts for cloud computing
    • Data sensitivity
    • Virtualization
    • Encryption
    • Auditing and compliance
  • Cloud service provider contracts

Review and Assessment Questions – Modules 1-2

Module 3: Design Requirements – Part 1

  • Inventory of all assets
  • Valuation of assets
  • Determination of criticality
  • Risk appetite
  • Risk management
    • Avoidance
    • Transfer
    • Mitigation
      • Residual risk
    • Acceptance
  • Health and human safety risks
  • Boundaries of cloud models
    • IaaS boundaries
    • PaaS boundaries
    • SaaS boundaries

Module 4: Design Requirements – Part 2

  • Design principles for securing sensitive data
    • Hardening devices
      • All guest accounts are removed
      • All unused ports are closed
      • No default passwords remain
      • Strong password policies are in effect
      • Any admin accounts are significantly secured and logged
      • All unnecessary services are disabled
      • Physical access is severely limited and controlled
      • Systems are patched, maintained, and updated according to vendor guidance and industry best practices
    • Harden BYOD endpoints
      • Be protected with some form of antimalware/security software
      • Have remote wipe/remote lock capability in the event of loss/theft, with the user granting written permission to the organization to wipe/lock via a signed Authorized Use Policy
      • Utilize some form of local encryption
      • Be secured with strong access controls (a password, or perhaps a biometric, etc.) in a multifactor configuration
      • Have and properly employ VPN solutions for cloud access
      • Have some sort of data loss/leak prevention/protection (DLP) solution installed
    • Encryption
      • In the cloud data center, for
        • long-term storage/archiving
        • protecting near-term stored files, such as snapshots of virtualized instances
        • preventing unauthorized access to specific datasets by authorized personnel (for instance, securing fields in databases such that database admins can manage software but not modify/view content)
      • In communications between cloud providers and users, for
        • creating secure Modules
        • ensuring the integrity and confidentiality of data in transit
      • Homomorphic encryption
    • Layered defense

Review and Assessment Questions: Modules 3-4

Module 5: Data Classification – Part 1

  • Data inventory and discovery
    • Data ownership
    • The data lifecycle
  • Data categorization
  • Data classification
  • Data labeling
  • Data analytics
  • Introduction to jurisdictional requirements
    • United States
    • European Union
    • South/Central America
    • Australia/New Zealand

Module 6: Data Classification – Part 2

  • Data rights management (DRM)
    • Intellectual property protections
      • Copyright
        • The DMCA
      • Trademarks
      • Patents
      • Trade secrets
    • DRM tool traits
    • Data control
      • Data retention
      • Data audit
      • Data destruction/disposal

Review and Assessment Questions: Modules 5-6

Module 7: Cloud Data Security – Part 1

  • Cloud data lifecycle
    • Create
    • Store
    • Use
    • Share
    • Archive
    • Destroy
  • Cloud data storage architectures
    • Volume storage
    • Object storage
    • Databases
    • Content-delivery networking (CDN)

Module 8: Cloud Data Security – Part 2

  • Cloud data security foundational strategies
    • Encryption
      • Key management
    • Masking, obfuscation, anonymization, tokenization
    • SIEM/SEM/SIM
    • Egress monitoring (DLP)

Review and Assessment Questions: Modules 7-8

Module 9: Security in the Cloud – Part 1

  • Shared risks and ultimate liability
  • Risks by cloud platform
    • Private cloud
    • Community cloud
    • Public cloud
    • Hybrid cloud
  • Risks by cloud service model
    • IaaS
    • PaaS
    • SaaS

Module 10: Security in the Cloud – Part 2

  • Threats by cloud model
    • Public/Private/Community/Hybrid
  • Applying countermeasures to specific threats
  • Business continuity/disaster recovery (BC/DR)
    • Business impact analysis (BIA) in the cloud
    • Shared BC/DR responsibilities (customer/provider)

Review and Assessment Questions: Modules 9-10

Module 11: Responsibilities in the Cloud – Part 1

  • Build/buy decisions for the data center
  • Provider responsibilities
    • Physical plant
    • Logical framework
    • Networking
    • Mapping and selecting controls

Module 12: Responsibilities in the Cloud – Part 2

  • Shared responsibilities by cloud model (IaaS, PaaS, SaaS)
  • Shared administration responsibilities (OS, applications, middleware)
  • OS baseline configuration and management
  • Shared responsibilities: data access
  • Customer challenges due to lack of physical access
    • audit
    • SOC reports
    • policy/governance
    • monitoring/testing

Review and Assessment Questions: Modules 11-12

Module 13: Cloud Application Security – Part 1

  • Awareness of cloud migration concerns
  • Common application migration pitfalls
  • Cloud secure software development lifecycle
  • ISO 27034: ONF vs. ANF
  • Identity and access management (IAM)
  • Identity repositories and directory services
  • Single sign-on (SSO)
  • Federation

Module 14: Cloud Application Security – Part 2

  • Multifactor authentication
  • Supplemental security devices
  • APIs
  • Tenancy separation
  • Cryptography
  • Sandboxing
  • Application virtualization
  • Threat modeling
    • STRIDE
  • OWASP Top Ten
  • Software security testing
    • SAST vs. DAST

Review and Assessment Questions: Modules 13-14

Module 15: Operations Elements – Part 1

  • Uptime/availability
  • Facilities and redundancy
    • power
    • communications
    • personnel
    • security
  • Uptime Institute Tier rating system

Module 16: Operations Elements – Part 2

  • Virtualization operations
    • personnel isolation
    • hypervisor hardening
    • instance isolation
    • host isolation
  • Storage operations
    • coupled/decoupled
    • volume vs. object storage
    • resiliency (RAID and data dispersion)
    • SAN vs. NAS
  • Physical/logical isolation of operations
    • secure KVM
  • Security training and awareness

Review and Assessment Questions: Modules 15-16

Module 17: Operations Management – Part 1

  • Monitoring
  • Capacity
  • Maintenance

Module 18: Operations Management – Part 2

  • Configuration/change management (CM)
    • baselines
    • deviations/exceptions
    • roles/process
  • BC/DR
    • roles
    • the BC/DR kit
    • relocation
    • power
    • testing

Review and Assessment Questions: Modules 17-18

Module 19: Legal and Compliance – Part 1

  • Legal concepts
    • criminal law
    • civil law
    • administrative law
    • intellectual property

Module 20: Legal and Compliance – Part 2

  • US laws
  • International law
  • Laws, regulations, and standards
  • eDiscovery
  • Chain of custody
  • Forensics

Module 21: Legal and Compliance – Part 3

  • The impact of multiple jurisdictions on cloud operations
  • Risk management frameworks
  • Contracts and Service-level agreements (SLAs)
  • Cloud certification (CSA STAR)
  • Supply chain risk and management

Review and Assessment Questions: Modules 19-21

Final Review and Assessment Exam: Modules 1-21

Additional information

Course Length

5 Days

Format

Live Instructor-Led
