Become cloud security aware and get certified by the leading industry coalition.
Cloud computing is being aggressively adopted on a global basis as businesses seek to reduce costs and improve their agility. And one of the critical needs of the industry is to provide training and certification of professionals to assure that cloud computing is implemented responsibly, and with the appropriate security controls.
The Cloud Security Alliance has developed a widely adopted catalogue of security best practices, the "Security Guidance for Critical Areas of Focus in Cloud Computing, V3". In addition, the European Network and Information Security Agency (ENISA) whitepaper "Cloud Computing: Benefits, Risks and Recommendations for Information Security" is an important contribution to the cloud security body of knowledge.
The Certificate of Cloud Security Knowledge (CCSK) provides evidence that an individual has successfully completed an examination covering the key concepts of the CSA guidance and ENISA whitepaper. More information from CSA.
Is this the right course for you? Here is a self-assessment page.
Cloud Computing Security Knowledge
The Cloud Computing Security Knowledge- Basic class provides students a comprehensive one day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA). This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
Cloud Computing Security Knowledge - Plus
In the second day there will be expanded material and extensive hands-on activities. Students will learn to apply their knowledge as they perform a series of exercises as they complete a scenario bringing a fictional organization securely into the cloud.
This second day of training includes additional lecture, although students will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises.
The exercises mimic the full process that a company will go through when planning and implementing cloud solutions for one of its most important applications.
The fictitious company is called ResearchCorp, and lives by the research it does for its customers. How should it go about deciding about cloud hosting its most important application: the Content Delivery Platform.
The first exercise is a risk assessment, where the risks to the platform are systematically analyzed, in particular in relation to hosting it with a cloud provider.
The next few exercises are about buiding secure server instances in the cloud and protecting them. You will actually deploy and run server images on a public cloud.
As ResearchCorp also wants to offer secure access to its customers, another exercise is about federating Identity and Access Management to its platform. You will create an actual identity provider service.
The last exercise helps us explore some of the specific skills and processes that need to be in place when running your own private cloud. This exercise is based on OpenStack.
The course will be held in English.
Content learning outcomes
Upon successful completion of this course, the students will be able to:
- understand the cloud computing architectural framework
- point out cloud computing security challenges
- point out cloud computing security controls recommendation
- pass the CCSK Exam
For more information visit the CCSK page at www.clubcloudcomputing.com