Overview:

Gain a thorough understanding of the information security risks and mitigation strategies critical to data security in the cloud in this (ISC)² Certified Cloud Security Professional (CCSP) Exam Preparation course. This course covers the six domains of the Official (ISC)² CCSP Common Body of Knowledge (CBK®) and prepares you to take the CCSP exam to become a Certified Cloud Security Professional.

You Will Learn How To

Identify and explain the five characteristics required to satisfy the NIST definition of cloud computing

Differentiate between various as-a-service delivery models and frameworks that are incorporated into the cloud computing reference architecture

Explain strategies for protecting data at rest and data in motion

Discuss strategies for safeguarding data, classifying data, ensuring privacy, assuring compliance with regulatory agencies and working with authorities during legal investigations

Contrast between forensic analysis in corporate data center and cloud computing environments

Duration:  05 days (40 hours)

Objectives:

After completing this workshop, participants will be able to:

-       Describe the building blocks necessary to develop cloud based systems, including concepts with regard to customer, provider, partner, measured services, scalability, virtualization, storage, and networking. Students will also be able to understand the cloud reference architecture based on activities defined by industry standard documents.

-       Identify the types of controls necessary to administer various levels of confidentiality, integrity, and availability, with regard to securing data in the cloud. You will gain knowledge on topics of data discovery and classification techniques, digital rights management, privacy of data, data retention, deletion, and archiving, data event logging, chain of custody and non-repudiation, and the strategic use of security information and event management.

-       Identify the virtual and physical components of the cloud infrastructure with regard to risk management analysis, including tools and techniques necessary for maintaining a secure cloud infrastructure. In addition to risk analysis, you will gain an understanding in how to prepare and maintain business continuity and disaster recovery plans, including techniques and concepts for identifying critical systems and lost data recovery.

-       Demonstrate an understanding of the Software Development Life Cycle, you will gain an understanding in cloud software assurance and validation, utilizing secure software, and the controls necessary for developing secure cloud environments with regard to program interfaces, cloud application architecture, and how to ensure data and application integrity, confidentiality, and availability through identity and access management solutions.

-       Demonstrate an ability to develop, plan, implement, run, and manage the physical and logical cloud infrastructure though an understanding of the necessary controls and resources, best practices in monitoring and auditing, and the importance of risk assessment in both the physical and logical cloud infrastructures.

-       Identify privacy issues and audit processes utilized within a cloud environment, including, auditing controls, assurance issues, and the specific reporting attributes. Topics covered include, ethical behavior and required compliance within regulatory frameworks, which includes investigative techniques for crime analysis and evidence gathering methods.

Intended Audience:

-       The course is intended for students who have at least five years of recent full-time security professional work experience in information technology, of which three of those years must be in security and one year in cloud computing. The course builds on and brings together the holistic view of the topics covered in the everyday environment of an information assurance professional.

Prerequisites:

-       Five years of cumulative, full-time working experience in IT (three of which must be in information security, and one of which must be in one of the six CCSP CBK domains)

Course outlines:

1.      Architectural Concepts and Design Requirements

• Understand cloud computing concepts
• Describe cloud reference architecture
• Understand security concepts relevant to could computing
• Understand design principles of secure cloud computing
• Identify trusted cloud services

2.      Cloud Data Security

• Understand Cloud Data Life Cycle
• Design and Implement Cloud Data Storage Architectures
• Understand and implement Data Discovery and Classification Technologies
• Design and Implement Relevant Jurisdictional Data Protection for Personally Identifiable Information (PII)
• Design and implement Data Rights Management
• Plan and Implement Data Retention, Deletion, and Archival policies
• Design and Implement Auditability, Traceability, and Accountability of Data Events

3.      Cloud Platform Infrastructure Security

• Comprehend Cloud Infrastructure Comp
• Analyze Risks Associated to Cloud Infrastructure
• Design and Plan Security Controls
• Plans Disaster Recovery & Business Continuity Management

4.      Cloud Application Security

• Recognize Need for Training and Awareness in Application Security
• Understand Cloud Software Assurance and Validation
• Use Verified Secure Software
• Comprehend the Software Development Life Cycle (SDLC) Process
• Apply the Secure Software Development Life Cycle
• Comprehend the Specifics of Cloud Application Architecture
• Design Appropriate Identity and Access Management (IAM) Solutions

5.      Operations

• Support the Planning Process for the Data Center Design
• Implement and Build Physical Infrastructure for Cloud Environment
• Run Physical Infrastructure for Cloud Environment
• Manage Physical Infrastructure for Cloud Environment
• Build Logical Infrastructure for Cloud Environment
• Run Logical Infrastructure for Cloud Environment
• Manage Logical Infrastructure for Cloud Environment
• Ensure Compliance with Regulations and Controls
• Conduct Risk Assessment to Logical and Physical Infrastructure
• Understand the Collection and Preservation of Digital Evidence
• Manage Communications with Relevant Parties

6.      Legal and Compliance

• Understand Legal Requirements and Unique Risks Within the Cloud Environment
• Understand Privacy Issues, Including Jurisdictional Variances
• Understand Audit Process, Methodologies, and Required Adaptions for a Cloud Environment
• Understand Implication of Cloud to Enterprise Risk Management
• Understand Outsourcing and Cloud Contract Design
• Execute Vendor Management