Overview

Attackers never rest, and along with all the traditional threats targeting internal networks and systems, an entirely new variety specifically targeting the cloud has emerged.

As more organizations adopt cloud-based systems, new complexities and challenges surface and the risks increase. Organizations need cloud security professionals with the requisite knowledge, skills and abilities to be able to audit, assess and secure cloud infrastructures.

To address this need, (ISC)² and the Cloud Security Alliance (CSA) have developed the Certified Cloud Security Professional (CCSP) certification. This top cybersecurity credential reflects in-depth knowledge derived from hands-on information security and cloud computing experience. It validates practical know-how for professionals whose responsibilities involve cloud security architecture, design, operations and service orchestration.

In this 5-day course you will gain a thorough understanding of the information security risks and mitigation strategies critical to data security in the cloud in this (ISC)² Certified Cloud Security Professional (CCSP) Exam Preparation course. This course covers the six domains of the Official (ISC)² CCSP Common Body of Knowledge (CBK®) and prepares you to take the CCSP exam to become a Certified Cloud Security Professional.

Skills Covered

  • Identify and explain the Cloud Computing concepts and definitions based on the ISO/IEC 17788 and NIST standards.
  • Identify and explain the Cloud Security Alliance’s Notorious Nine, Treacherous Twelve and Egregious Eleven.
  • Understand, and be able to differentiate between, the various service delivery models, frameworks and hypervisor threats that are incorporated into the cloud computing reference architecture.
  • Demonstrate the application of appropriate security strategies and be able to recommend appropriate controls for protecting data at rest, data in use and data in motion.
  • Discuss strategies for data ownership, data sovereignty, data classification and implementing appropriate measures for assurance for ensuring privacy, compliance with regulatory agencies and working with authorities during legal investigations.
  • Understand the challenges for data centre design, forensic analysis and cloud environment deployments and recommend appropriate risk mitigation strategies.
  • Understand and apply Business Continuity Planning and Disaster Recovery procedures for disaster situations.
  • Design appropriate identity and access management solutions.
  • Comprehend and apply appropriate processes and frameworks including the Software Development Life-Cycle (SDLC) process and secure operations.

Who Should Attend

The course is designed for :

  • Enterprise architects
  • Security administrators
  • Systems engineers
  • Security architects
  • Security consultants
  • Security engineers
  • Security managers
  • Systems architects

Course Curriculum