Target Audience:
This online CCSP certification course is ideal for anyone wishing to learn and explore career opportunities in IT network security and cloud computing. This course also is ideal for enterprise architects, security administrators, systems engineers, security architects, security consultants,
security engineers, security managers, and system architects.
Course Curriculum:
Lesson 01 – Cloud Concepts, Architecture, and Design
Domain and Learning Objectives
Security Concepts
Key Security Concepts, Defense in Depth, Due Care, and Due Diligence
Security Controls and Functionalities
Cloud Computing Concepts
Business Drivers
Scalability, Elasticity, Vendor Lock-in, and Vendor Lock-out
Cloud Computing Concepts: Advantages
Cloud Reference Architecture
Cloud Computing Roles and Actors
Cloud Service Categories: Infrastructure as a Service (IaaS)
Cloud Service Categories: Platform as a Service (PaaS)
Cloud Service Categories: Software as a Service (SaaS)
Cloud Service Categories: Management
Cloud Deployment Models: Public Cloud
Cloud Deployment Models: Private Cloud
Cloud Deployment Models: Hybrid Cloud
Cloud Deployment Models: Community Cloud
Models and Characteristics
Comparison of Cloud Deployment Models
Case Study: Hybrid Cloud
Cloud Technology Roadmap
Impact of Related Technologies
Cryptography, Key Management, and Other Security Concepts
Key Management
IAM and Access Control
Data Remanence
Virtualization
Cloud Computing Threats
Design Principles of Secure Cloud Computing
Cost-Benefit Analysis
Evaluate Cloud Service Providers
SOC
IT Security Evaluation
FIPS
Scenario
Key Takeaways
Lesson 02 – Cloud Data Security
Domain and Learning Objectives
Cloud Data Life Cycle
Cloud Data Life Cycle: Create, Store, Use, and Share
Real-World Scenario
Cloud Data Life Cycle: Archive
Cloud Data Life Cycle: Destroy, Key Data Functions
Cloud Data Storage Architectures
Cloud Data Storage Architectures: Storage Types for IaaS
Cloud Data Storage Architectures: Storage Types for PaaS
Cloud Data Storage Architectures: Storage Types for SaaS
Cloud Data Storage Architectures: Threats to Storage Types
Real-World Scenario
Data Security Strategies
Data Security Strategies: Encryption (Use Cases)
Data Security Strategies: Encryption Challenges
Data Security Strategies: Encryption in IaaS
Data Security Strategies: Database Encryption
Data Security Strategies: Key Management
Data Security Strategies: Key Storage in the Cloud
Data Security Strategies: Masking
Data Security Strategies: Data Anonymization
Data Security Strategies: Tokenization
Data Security Strategies: Homomorphic Encryption and Bit Splitting
Real-World Scenario
Data Security Strategies: Data Loss Prevention
Scenario
Data Discovery and Classification Technology
Data Discovery and Classification Technology: Data Classification
Data Discovery and Classification Technology: Challenges with Cloud Data
Jurisdictional Data Protections for Personally Identifiable Information (PII)
Privacy Acts: GDPR
Privacy Acts: Data Protection policies
Privacy Acts: United States
Privacy Acts: HIPAA, FISMA, and SOX
Jurisdictional Data Protections for PII: Responsibilities of Cloud Services
Data Rights Management
Data Retention, Deletion, and Archiving Policies
Data Retention
Data Deletion
Real-World Scenario
Data Archiving
Real-World Scenario
Legal Hold
Auditability, Traceability, and Accountability of Data Events
SIEM
Chain of Custody
Nonrepudiation
Real-World Scenario
Key Takeaways
Lesson 03 – Cloud Platform and Infrastructure Security
Domain and Learning objectives
Cloud Infrastructure Components
Network and Communications
Management Plane and Virtualization
Factors That Impact Datacenter Design
Physical Design: Buy or Build
Physical Design: Data Center Design Standards
Physical Design: Uptime Institute
Physical Design: Tiers
Physical Design: Features of Tiers
Real-World Scenario
Environmental Design Considerations
Connectivity
Hypervisor and Resource Allocation
Risks Associated with Cloud Infrastructure
Policy, General, and Virtualization Risks
Cloud-Specific, Legal, and Non-Cloud Specific Risks
Cloud Attack Vectors and Compensating Controls
Business Scenario
Design and Plan Security Controls
Real-World Scenario
Plan Disaster Recovery and Business Continuity
RBCDR Planning Factors and Disruptive Events
Characteristics of Cloud Infrastructure
BCDR Strategies and Returning to Normal
Real-World Scenario
BCDR Creation
BCDR Creation: Test
Business Requirements
BCDR Creation: Report and Revise
Testing Types, Uptime, Availability, Activity, and Case Study
Security Training and Awareness
Real-World Scenario
Key Takeaways
Lesson 04 – Cloud Application Security
Domain and Learning objectives
Advocate Training and Awareness for Application Security
Real-World Scenario
Common Pitfalls
Encryption Dependency Awareness
Business Scenario
Understanding Software Development Lifecycle Process
Real-World Scenario
Vulnerabilities and Risks
Threat Modeling
Real-World Scenario
Encryption
Sandboxing and Application Virtualization
Federated Identity Management
SAML Authentication
Identity and Access Management
Multi-Factor Authentication
Real-World Scenario
Cloud Access Security Broker
Application Security Testing
Software Supply Chain Management
Real-World Scenario
Key Takeaways
Lesson 05 – Cloud Security Operations
Domain and Learning objectives
Secure Configuration of Hardware: Servers
Secure Configuration of Hardware: Storage Controllers (Part 1)
Real-World Scenario
Secure Configuration of Hardware: Storage Controllers (Part 2)
Secure Configuration of Hardware: Virtual Switches
Configuration of VM Tools
Configuration of VM Tools: Running a Physical Infrastructure (Part 1)
Configuration of VM Tools: Running a Physical Infrastructure (Part 2)
Configuration of VM Tools: Running a Physical Infrastructure (Part 3)
Configuration of VM Tools: Running a Physical Infrastructure (Part 4)
Real-World Scenario
Securing Network Configuration (Part 1)
Real-World Scenario
Clustered Hosts
Dynamic Optimization and Clustered Storage
Maintenance Mode and Patch Management
Performance Monitoring
Real-World Scenario
Network Security Controls: Layered Security and Honeypots
Network Security Controls: SIEM
Log Management
Orchestration
Availability of Guest OS
Operations Management (Part 1)
Real-World Scenario
Operations Management (Part 2)
Risk-Management Process: Framing Risk and Risk Assessment
Quantitative Risk Analysis
Scenario
Risk Response and Risk Monitoring
Collection and Preservation of Digital Evidence
Communication with Relevant Parties
Real-World Scenario
Security Operations Center
Key Takeaways
Lesson 06 – Legal Risk and Compliance
Domain and Learning objectives
Case Study
Legislative Concepts
Intellectual Property Laws
Case Study
Scenario
Acts and Agreements
Case Study
NERC
Privacy Shield and Generally Accepted Privacy Principles (GAPP)
Jurisdictional Difference in Data Privacy
Terminologies and eDiscovery
Forensic Requirements and PII
Gap Analysis, SOC Reports, and Chain of Custody
Vendor Management
Cloud Computing Policies and Risk Attitude
SLA
Quality of Service
Risk Mitigation
Risk Management Metrics and ISO 28000:2007
Real-World Scenario
Key Takeaways
DoctorProjectManagement LLC is one of the world’s leading providers of online training for Digital Marketing, Cloud Computing, Project Management, Data Science, IT Service Management, Software Development and many other emerging technologies.
Based in Frisco, Texas, DoctorProjectManagement LLC partners with companies and individuals to address their unique needs, providing
training and coaching to help working professionals meet their career goals. DoctorProjectManagement LLC has enabled over 1 million professionals and companies across 150+ countries train, certify and upskill their employees.
DoctorProjectManagement LLC’s 100+ training courses are designed and updated by world-class industry experts. Their blended learning approach combines e-learning classes, instructor-led live virtual classrooms, applied learning projects, and 24/7 teaching assistance. More than 40 global training organizations have recognized DoctorProjectManagement LLC as an official provider of certification training.
© DoctorProjectManagement LLC Solutions. All Rights Reserved. The certification names are the trademarks of their respective owners.
DURATION: 3 DAYS
PRICE: $2,499 per participant