Course Objectives
After completing this course, the student will be able to:
- Understand legal frameworks and guidelines that affect cloud services.
- Recognize the fundamentals of data privacy regulatory/legislative mandates.
- Assess risks, vulnerability, threats and attacks in the cloud environment.
- Evaluate the design and plan for cloud infrastructure security controls.
- Evaluate what is necessary to manage security operations.
- Understand what operational controls and standards to implement.
- Describe the types of cloud deployment models in the types of “as a service” cloud models currently available today.
- Identify key terminology and associated definitions related to cloud technology. Be able to establish a common terminology for use within a team or workgroup.
- Build a business case for cloud adoption and be able to determine with business units the benefits of the cloud and cloud migration strategies.
Domains/Modules/Chapters
This course covers the following chapters and learning objectives:
Chapter 1: Cloud Concepts, Architecture and Design
- State the essential characteristics of cloud computing
- Describe the fundamental cloud computing services
- Describe the cloud computing reference architectures
- Explain cloud computing activities
- Compare cloud service capabilities and models
- Describe cloud deployment models
- Summarize economic characteristics of cloud computing
- Evaluate cloud computing ROI and KPI metrics
- Summarize cloud computing security concepts
- Describe key security considerations for each service model
- Analyze key cloud service provider contractual relationship documents
Chapter 2: Cloud Governance: Legal, Risk and Compliance
- Explain the issues with international conflict of law
- Interpret guidelines for digital forensics
- Identify the fundamentals of data privacy regulatory/legislative mandates
- Summarize audit process, methodologies and cloud-ready adaptations
- Describe risk management related to cloud services
- Identify due care/diligence activities related to service contracts
Chapter 3: Cloud Data Security
- Discuss cloud data security concepts
- Describe cryptography
- Explain data discovery and classification technologies
- Interpret cloud data storage architectures
- Analyze information rights management
- Assess cloud data security strategies
- Compare solutions for cloud data retention, deletion and archival policies
- Explain basic security concepts in the cloud
Chapter 4: Cloud Platform and Infrastructure Security
- Compare cloud infrastructure components
- Select standard practices for implementing a secure data center design
- Assess risks, vulnerability, threats and attacks in the cloud environment
- Discover components for planning and implementing security controls
- Evaluate the design and plan for cloud infrastructure security controls
- Appraise appropriate identity and access management (IAM) solutions
- Recommend business continuity and disaster recovery (BCDR) standards
Chapter 5: Cloud Application Security
- Explain training and awareness solutions for application security
- Assess challenges in the secure software development life cycle (SDLC) process
- Select a threat model for securing software development
- Demonstrate cloud software assurance and validation
- Choose verified secure software
- Explain the specifics of a cloud application architecture
Chapter 6: Cloud Security Operations
- Analyze what is used to manage and operate physical and logical infrastructure of a cloud environment
- Discuss operational controls and standards
- Identify methodologies for supporting digital forensics
- Identify critical communication needs with relevant parties
- Define auditability, traceability and accountability of security-relevant data events
- Select requirements to implement secure operations
Note: Throughout this course, exam domains may be covered in several chapters. Included in the course is a table indicating where the exam outline
ACE Credit:
The Official (ISC)² CCSP CBK Training seminar has earned ACE CREDIT. Students who complete the course can apply for 2 undergraduate credits at participating universities and colleges. This is the only CCSP training available that provides college credits. Learn more.
