The Cloud Computing Security Knowledge class provides students thorough coverage of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam.
The course begins with a detailed description of cloud computing and then expands into all major domains such as: Governance and Risk Management, the Cloud Architectural Framework and Business Continuity/Disaster Recovery.
12 Months Unlimited Online Access to Expert Instructor-Led Training
Get trained by the very finest instructors in the IT industry today. With a minimum of 15 years real-world experience, they're all experts in their respective fields. Unlike live classes, you can fast-forward, repeat or rewind any part of your lecture. This creates a truly personal learning experience, and provides all the benefits of hands-on training - along with the unique flexibility of 24x7 access so you can fit everything around your schedule.
Visual Demonstrations & Multimedia Presentations
All courseware includes instructor-led demonstrations and visual presentations, allowing students to focus their skills development around real-world scenarios.
Quizzes & Exam Simulators
Customised practice exams help prepare you more effectively for your final examinations. And by utilising practice quizzes after each module, you ensure confidence and gauge your effectiveness on each topic before proceeding.
The included practice exams are also purposely designed to replicate & mirror the testing centre exam environment. With an average of 100 questions, you can ensure you're 100% prepared.
Social Learning & Networking
A world class Learning Management System (LMS) allows you to effectively interact & collaborate with other students, form individual study-groups, engage in forum discussions, rate different courses, and keep up with the latest industry knowledge. This is unmatched in the training industry, and makes your learning process far more fun and enjoyable.
Flash Cards & Educational Games
Education is not a one-size-fits-all activity, as students learn in many different ways - often preferring a variety of different tools. This is why we also provide Flash Cards & Educational Games throughout... All designed to ensure the maximum retention level, while keeping you more engaged and focused.
Navigation & Controls
The modular fashion of these self-paced training programs allows you a great deal of flexibility, with access to expert-level instruction anytime of the day or night. Full navigation controls allow you to pace your training throughout tightly defined sections & modules.
Understanding the cloud computing architectural framework
1: Architecture NIST Definitions Essential Characteristics Service Models Deployment Models Multi-Tenancy CSA Cloud Reference Model Jericho Cloud Cube Model Cloud Security Reference Model Cloud Service Brokers Service Level Agreements
2: Governance and Enterprise Risk Management Contractual Security Requirements Enterprise and Information Risk Management Third Party Management Recommendations Supply chain examination Use of Cost Savings for Cloud
3: Legal Issues: Contracts and Electronic Discovery Consideration of cloud-related issues in three dimensions eDiscovery considerations Jurisdictions and data locations Liability for activities of subcontractors Due diligence responsibility Federal Rules of Civil Procedure and electronically stored information Metadata Litigation hold
4: Compliance and Audit Management Definition of Compliance Right to audit Compliance impact on cloud contracts Audit scope and compliance scope Compliance analysis requirements Auditor requirements
5: Information Management and Data Security Six phases of the Data Security Lifecycle and their key elements Volume storage Object storage Logical vs physical locations of data Three valid options for protecting data Data Loss Prevention Course Syllabus Detection Data Migration to the Cloud Encryption in IaaS, PaaS & SaaS Database Activity Monitoring and File Activity Monitoring Data Backup Data Dispersion Data Fragmentation
6: Interoperability and Portability Definitions of Portability and Interoperability Virtualization impacts on Portability and Interoperability SAML and WS-Security Size of Data Sets Lock-In considerations by IaaS, PaaS & SaaS delivery models Mitigating hardware compatibility issues
7: Traditional Security, Business Continuity, and Disaster Recovery Four D’s of perimeter security Cloud backup and disaster recovery services Customer due diligence related to BCM/DR Business Continuity Management/Disaster Recovery due diligence Restoration Plan Physical location of cloud provider
8: Data Center Operations Relation to Cloud Controls Matrix Queries run by data center operators Technical aspects of a Provider’s data center operations for customers Logging and report generation in multi-site clouds
9: Incident Response Factor allowing for more efficient and effective containment and recovery in a cloud Main data source for detection and analysis of an incident Investigating and containing an incident in an Infrastructure as a Service environment Reducing the occurrence of application level incidents How often should incident response testing occur Offline analysis of potential incidents
10: Application Security Identity, entitlement, and access management (IdEA) SDLC impact and implications Differences in S-P-I models Consideration when performing a remote vulnerability test of a cloud-based application Categories of security monitoring for applications Entitlement matrix
11: Encryption and Key Management Adequate encryption protection of data in the cloud Key management best practices, location of keys, keys per user Relationship to tokenization, masking, anonymization and cloud database controls
12: Identity, Entitlement, and Access Management Relationship between identities and attributes Identity Federation Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP) SAML and WS-Federation Provisioning and authoritative sources
13: Virtualization Security concerns for hypervisor architecture VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps In-Motion VM characteristics that can create a serious complexity for audits How can virtual machine communications bypass network security controls VM attack surfaces Compartmentalization of VMs
14: Security as a Service 10 categories Barriers to developing full confidence in security as a service (SECaaS) Deployment of Security as a Service in a regulated industry prior SLA Logging and reporting implications How can web security as a service be deployed What measures do Security as a Service providers take to earn the trust of their customers ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security Isolation failure Economic Denial of Service Licensing Risks VM hopping Five key legal issues common across all scenarios Top security risks in ENISA research OVF Underlying vulnerability in Loss of Governance User provisioning vulnerability Risk concerns of a cloud provider being acquired Security benefits of cloud Risks Data controller vs data processor definitions in Infrastructure as a Service (IaaS), who is responsible for guest systems monitor
Really informative & very positive... They cut out all the nonsense and just gave it to me in plain terms: This is what you're going to get - and this is where you'll end up. That's all I wanted really.
David : UK
My advisor told me absolutely everything I needed to know. If I needed to know the specifics of a certain subject, he told me everything about that. He was friendly and really helpful.
Leroy : UK
They seemed very knowledgeable about the course... I made a decision quite easily, based on what they said.
Donna : UK
The advice was good. It wasn't overly complicated, so I wasn't bogged down with words that were unnecessary - and I understood where they were coming from. It was very professional.
Hayley : UK
I'd definitely recommend them. I think the price was very competitive - some of the courses out there were three times the price of what they were offering. To me, it's ideal.
Clive : UK
I feel I got good value for money. If you're a practically minded person, the course is perfect. I've also passed your details onto some other people I work with, because they're also interested in that field.
Lee : UK
I'd give the course 10/10. I've already convinced someone else to do one. I just think it's awesome to be quite honest - as long as you're prepared to put the effort in.
Leroy : UK
The advisor was absolutely brilliant. I felt like he was honest... I just can't fault it really.
Shelley : UK
The advisor was very friendly. He came across as very competent with his knowledge of the industry. He gave me a lot of confidence from that point of view.
Tim : UK
The advisor was fantastic I have to say - the way he described everything and helped me to find the right course. Everything he said made sense.