Course description
Course Details
The Cloud Computing Security Knowledge course provides students with thorough coverage of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. The course begins with a detailed description of cloud computing and then expands into all major organisations such as; Governance and Risk Management, the Cloud Architectural Framework and Business Continuity/Disaster. The CCSK is an examination testing for a broad foundation of knowledge about cloud security, with topics ranging from architecture, governance, compliance, operations, encryption, virtualiszation and much more. The body of knowledge for the CCSK examination is the CSA Security Guidance for Critical Areas of Focus in Cloud Computing V3, English language version, and the ENISA report “Cloud Computing: Benefits, Risks and Recommendations for Information Security”.
This course includes the following features:
Instructor-led demonstrations and visual presentations that you to develop your skills based on real world scenarios.
Unlike a live class, you can fast-forward, repeat or rewind all your lectures. This gives you all the benefit of hands-on training with the flexibility of doing it around your schedule 24/7.
Flash Cards and Education Games are also provided throughout the course.
Practice exams prepare you for your exams. These exams are on average 100 questions to ensure you are 100% prepared if you are taking a certification exam.
You can also interact and collaborate with other students through our forums, student contributions and announcement features.
Who should complete this course?
IT Managers, IT Security personnel, Programmers and Developers, IT Security Managers.
People considering a career in IT Security Management.
Entry Requirements / Prerequisites
None. Recommended experience is six months’ direct experience in an IT environment, including IT-related tasks, responsibility, and decision making.
Topics covered in this Course
Architecture
NIST Definitions
Essential Characteristics
Service Models
Deployment Models
Multi-Tenancy
CSA Cloud Reference Model
Jericho Cloud Cube Model
Cloud Security Reference Model
Cloud Service Brokers
Service Level Agreements
Governance and Enterprise Risk Management
Contractual Security Requirements
Enterprise and Information Risk Management
Third Party Management Recommendations
Supply chain examination
Use of Cost Savings for Cloud
Legal Issues: Contracts and Electronic Discovery
Consideration of cloud-related issues in three dimensions
eDiscovery considerations
Jurisdictions and data locations
Liability for activities of subcontractors
Due diligence responsibility
Federal Rules of Civil Procedure and electronically stored information
Metadata
Litigation hold
Compliance and Audit Management
Definition of Compliance
Right to audit
Compliance impact on cloud contracts
Audit scope and compliance scope
Compliance analysis requirements
Auditor requirements
Information Management and Data Security
Six phases of the Data Security Lifecycle and their key elements
Volume storage
Object storage
Logical vs physical locations of data
Three valid options for protecting data
Data Loss Prevention
Detection Data Migration to the Cloud
Encryption in IaaS, PaaS and SaaS
Database Activity Monitoring and File Activity Monitoring
Data Backup
Data Dispersion
Data Fragmentation
Interoperability and Portability
Definitions of Portability and Interoperability
Virtualization impacts on Portability and Interoperability
SAML and WS-Security
Size of Data Sets
Lock-In considerations by IaaS, PaaS and SaaS delivery models
Mitigating hardware compatibility issues
Traditional Security, Business Continuity, and Disaster Recovery
Four D’s of perimeter security
Cloud backup and disaster recovery services
Customer due diligence related to BCM/DR
Business Continuity Management/Disaster Recovery due diligence
Restoration Plan
Physical location of cloud provider
Data Center Operations
Relation to Cloud Controls Matrix
Queries run by data center operators
Technical aspects of a Provider’s data center operations for customers
Logging and report generation in multi-site clouds
Incident Response
Factor allowing for more efficient and effective containment and recovery in a cloud
Main data source for detection and analysis of an incident
Investigating and containing an incident in an Infrastructure as a Service
environment
Reducing the occurrence of application level incidents
How often should incident response testing occur
Offline analysis of potential incidents
Application Security
Identity, entitlement, and access management (IdEA)
SDLC impact and implications
Differences in S-P-I models
Consideration when performing a remote vulnerability test of a cloud-based
application
Categories of security monitoring for applications
Entitlement matrix
Encryption and Key Management
Adequate encryption protection of data in the cloud
Key management best practices, location of keys, keys per user
Relationship to tokenization, masking and cloud database controls
Identity, Entitlement, and Access Management
Relationship between identities and attributes
Identity Federation
Relationship between Policy Decision Point (PDP) and Policy Enforcement Point (PEP)
SAML and WS-Federation
Provisioning and authoritative sources
Virtualization
Security concerns for hypervisor architecture
VM guest hardening, blind spots, VM Sprawl, data comingling, instant-on gaps
In-Motion VM characteristics that can create a serious complexity for audits
How can virtual machine communications bypass network security controls
VM attack surfaces
Compartmentalization of VMs
Security as a Service
10 categories
Barriers to developing full confidence in security as a service (SECaaS)
Deployment of Security as a Service in a regulated industry prior SLA
Logging and reporting implications
How can web security as a service be deployed
What measures do Security as a Service providers take to earn the trust of their customers
ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security
Isolation failure
Economic Denial of Service
Licensing Risks
VM hopping
Five key legal issues common across all scenarios
Top security risks in ENISA research
OVF
Underlying vulnerability in Loss of Governance
User provisioning vulnerability
Risk concerns of a cloud provider being acquired
Security benefits of cloud
Risks
Data controller vs data processor definitions in Infrastructure as a Service (IaaS), who is responsible for guest systems monitoring.
Assessment
Once you successfully pass the programme, you will receive a Certificate in Cloud Security from CMIT.
You may optionally take an online exam to receive CCSK certification. This is assessed through a computer-based multiple choice exam. Exam fees are not included in the course price.
Technical Requirements
Broadband internet connection.
Browser – we recommend Chrome or Safari for Tablet or Apple Mac; and Firefox or Internet Explorer for PC hardware.
Operating System – PC (Windows XP, Vista, 7 or 8), Mac or Android.
Accreditation
You may optionally take exams to receive CCSK Certification. This is assessed through computer-based multiple choice exams (CSA-CCSK). Exam fees are not included in the course price.
Distance Learning and Online Courses are offered in a number of different formats, these include correspondence courses (by post), online via computer or a combination of online and classroom instruction (blended learning).. View 
Further Education and PLCs (Post Leaving Cert Courses) have become a popular alternative to the CAO system here in Ireland. PLC Courses are validated by QQI (Quality & Qualifications Ireland) at levels 5 & 6 of the NFQ.. View 
Evening courses and part time learning options are a great way to enhance a CV, to socialise and make friends, as well as learn something completely new. There are an abundance of night courses and evening classes available.. View