Pre-Requisites

Five years of cumulative, full-time working experience in IT (three of which must be in information security, and one of which must be in one of the six CCSP CBK domains)
Those without the required experience can take the exam to become an Associate of (ISC)² while working toward the experience needed for full certification

Lessons

This (ISC)² Certified Cloud Security Professional (CCSP) certification training course provides a thorough understanding of the information security risks and mitigation strategies critical to data security in the cloud. This course covers the six domains of the Official (ISC)² CCSP Common Body of Knowledge (CBK®), and prepares you to pass the CCSP exam and become a Certified Cloud Security Professional.

You Will Learn How To:

• Identify and explain the five characteristics required to satisfy the NIST definition of cloud computing
• Differentiate between various as-a-service delivery models and frameworks that are incorporated into the cloud computing reference architecture
• Explain strategies for protecting data at rest and data in motion
• Discuss strategies for safeguarding data, classifying data, ensuring privacy, assuring compliance with regulatory agencies, and working with authorities during legal investigations
• Contrast between forensic analysis in corporate data center and cloud computing environments

Course Outline

• Architectural Concepts and Designs Requirements

  • Reviewing cloud computing concepts
  • Describing cloud reference architecture
  • Security concepts relevant to cloud computing
  • Design principles of secure cloud computing
  • Identifying trusted cloud services

• Cloud Data Security

  • Understanding cloud data lifecycle
  • Designing and implementing cloud data storage architectures
  • Designing and applying data security strategies
  • Understanding and implementing data discovery and classification technologies
  • Designing and implementing relevant jurisdictional data protections for personally identifiable information

• Cloud Platform and Infrastructure Security

  • Comprehending cloud infrastructure components
  • Analyzing risks associated to cloud infrastructure
  • Designing and planning security controls
  • Planning disaster recovery and business continuity management

• Cloud Application Security

  • Recognizing the need for training and awareness in application security
  • Understanding cloud software assurance and validation
  • Using verified secure software
  • Comprehending the Software Development Life-Cycle (SDLC) process
  • Applying the Secure Software Development Life-Cycle

• Operations

  • Supporting the planning process for the data center design
  • Implementing and building physical infrastructure for cloud environment
  • Running physical infrastructure for cloud environment
  • Managing physical infrastructure for cloud environment
  • Building logical infrastructure for cloud environment

• Legal and Compliance

  • Legal requirements and unique risks within the cloud environment
  • Privacy issues, including jurisdictional variation
  • The audit process, methodologies, and required adaptions for a cloud environment
  • Implications of cloud to enterprise risk management
  • Outsourcing and cloud contract design

Cancellation Policy

We require 16 calendar days notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted. Reschedules are permitted at anytime with 16 or more calendar days notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.