Course Description
Led by an (ISC)² authorized instructor, this training seminar provides a comprehensive review of cloud security concepts and industry best practices, covering the 6 domains of the CCSP CBK:
· Architectural Concepts & Design Requirements
· Cloud Data Security
· Cloud Platform & Infrastructure Security
· Cloud Application Security
· Operations
· Legal & Compliance
Several types of activities are used throughout the course to reinforce topics and increase knowledge retention. These activities include open ended questions from the instructor to the students, matching and poll questions, group activities, open/closed questions, and group discussions. This interactive learning technique is based on sound adult learning theories.
This training course will help candidates review and refresh their cloud security knowledge and help identify areas they need to study for the CCSP exam and features:
· Official (ISC)² courseware
· Taught by an authorized (ISC)² instructor
· Student handbook
· Collaboration with classmates
· Real-world learning activities and scenarios
Objectives
After completing this workshop, participants will be able to:
· Describe the building blocks necessary to develop cloud based systems, including concepts with regard to customer, provider, partner, measured services, scalability, virtualization, storage, and networking. Students will also be able to understand the cloud reference architecture based on activities defined by industry standard documents.
· Identify the types of controls necessary to administer various levels of confidentiality, integrity, and availability, with regard to securing data in the cloud. You will gain knowledge on topics of data discovery and classification techniques, digital rights management, privacy of data, data retention, deletion, and archiving, data event logging, chain of custody and non-repudiation, and the strategic use of security information and event management.
· Identify the virtual and physical components of the cloud infrastructure with regard to risk management analysis, including tools and techniques necessary for maintaining a secure cloud infrastructure. In addition to risk analysis, you will gain an understanding in how to prepare and maintain business continuity and disaster recovery plans, including techniques and concepts for identifying critical systems and lost data recovery.
· Demonstrate an understanding of the Software Development Life Cycle, you will gain an understanding in cloud software assurance and validation, utilizing secure software, and the controls necessary for developing secure cloud environments with regard to program interfaces, cloud application architecture, and how to ensure data and application integrity, confidentiality, and availability through identity and access management solutions.
· Demonstrate an ability to develop, plan, implement, run, and manage the physical and logical cloud infrastructure though an understanding of the necessary controls and resources, best practices in monitoring and auditing, and the importance of risk assessment in both the physical and logical cloud infrastructures.
· Identify privacy issues and audit processes utilized within a cloud environment, including, auditing controls, assurance issues, and the specific reporting attributes. Topics covered include, ethical behavior and required compliance within regulatory frameworks, which includes investigative techniques for crime analysis and evidence gathering methods.
Agenda
Chapter 1: Architectural Concepts
Chapter 2: Design Requirements
Chapter 3: Data Classification
Chapter 4: Cloud Data Security
Chapter 5: Security in the Cloud
Chapter 6: Responsibilities in the Cloud
Chapter 7: Cloud Application Security
Chapter 8: Operations Elements
Chapter 9: Operations Management
Chapter 10: Legal And Compliance, Part 1
Chapter 11: Legal And Compliance, Part 2
Comments
Office Policy: In fairness to all participants, anyone arriving more than 30 minutes late will be rescheduled for another class date.
Cancellation Policy: No Shows: If you are registered for a class and do not attend and fail to contact our office to cancel or reschedule, a fee equivalent to your daily rate will be applied.
Rescheduling: Productivity Point reserves the right to cancel or reschedule any training course.Should we reschedule a course, a full credit will be applied to the rescheduled course. Productivity Point cannot assume responsibility for any other costs to the student (i.e.non-refundable airline tickets). Class credits are redeemable for up to 1 years.
Cancellations: There is no charge for cancellations that are made Ten (10) or more business days prior to the scheduled training date. Cancellations that are made nine (9) business days or less of the scheduled training date are considered “late cancellations” and the full price of the class will be charged.All training cancelled within 10 or more business days' notice will have a credit on account in the full amount of purchase. This credit can be applied to any Productivity Point products or services for up to 1 year from the date of original transaction. There are no refunds.