The Cloud Security Professional (CCSP) training course applies information security expertise to a cloud computing environment and demonstrates competence in cloud security architecture, design, operations, and service orchestration. This professional competence is measured against a globally recognized body of knowledge. This program is comprised of a total of six (6) domains. The modular format is designed to organize and chunk information in order to assist with learning retention as participants are guided through the CCSP course materials.
By attending Cloud Security Professional (CCSP) workshop, Participants will learn to:
- Describe the building blocks necessary to develop cloud based systems, including concepts with regard to customer, provider, partner, measured services, scalability, virtualization, storage, and networking. Delegates will also be able to understand the cloud reference architecture based on activities defined by industry standard documents
- Identify the types of controls necessary to administer various levels of confidentiality, integrity, and availability, with regard to securing data in the cloud. Participants will gain knowledge on topics of data discovery and classification techniques, digital rights management, privacy of data, data retention, deletion, and archiving, data event logging, chain of custody and non-repudiation, and the strategic use of security information and event management
- Identify the virtual and physical components of the cloud infrastructure with regard to risk management analysis, including tools and techniques necessary for maintaining a secure cloud infrastructure. In addition to risk analysis, participants will gain an understanding in how to prepare and maintain business continuity and disaster recovery plans, including techniques and concepts for identifying critical systems and lost data recovery
- Demonstrate an understanding of the Software Development Life Cycle, participants will gain an understanding in cloud software assurance and validation, utilizing secure software, and the controls necessary for developing secure cloud environments with regard to program interfaces, cloud application architecture, and how to ensure data and application integrity, confidentiality, and availability through identity and access management solutions
- Demonstrate an ability to develop, plan, implement, run, and manage the physical and logical cloud infrastructure though an understanding of the necessary controls and resources, best practices in monitoring and auditing, and the importance of risk assessment in both the physical and logical cloud infrastructures
- Identify privacy issues and audit processes utilized within a cloud environment, including, auditing controls, assurance issues, and the specific reporting attributes. Topics covered include, ethical behavior and required compliance within regulatory frameworks, which includes investigative techniques for crime analysis and evidence gathering methods
The course is intended for delegates who have at least five years of recent full-time security professional work experience in information technology, of which three of those years must be in security and one year in cloud computing. The course builds on and brings together the holistic view of the topics covered in the everyday environment of an information assurance professional.