Certified Cloud Security Professional (CCSP)
Certified Cloud Security Professional (CCSP) 2019
CCSP 2019: Application Development & Security
CCSP 2019: Cloud Infrastructure
CCSP 2019: Cloud Infrastructure
CCSP 2019: Cloud System Architecture Design
CCSP 2019: Data Center Security
CCSP 2019: Data Retention & Events
CCSP 2019: Data Security Technologies
CCSP 2019: Identity & Access Management
CCSP 2019: Implementing Data Discovery & Classification
CCSP 2019: Operational Controls & Standards
CCSP 2019: Secure Cloud Computing

CCSP 2019: Application Development & Security

Course Number:
it_spccsp19_08_enus
Lesson Objectives

CCSP 2019: Application Development & Security

  • discover the key concepts covered in this course
  • describe awareness and required training to develop an understanding of security focus areas relating to cloud applications
  • define how the software development life cycle can incorporate security when developing cloud applications, including using GitHub
  • define common data privacy standards such as HIPAA, GDPR, and PCI DSS
  • identify how OWASP applies to web application security
  • identify when and how application containerization should be used
  • configure a Microsoft Azure Application Gateway Web Application Firewall
  • deploy a Microsoft Azure web app
  • enable scaling for a Microsoft Azure web app
  • configure HTTPS for a Microsoft Azure web app custom DNS domain name
  • describe the different API formats such as REST and SOAP
  • deploy a Microsoft Azure function app
  • describe application testing and methodologies
  • configure web app deployment slots for testing purposes
  • apply threat modeling to reduce the impact of cloud threats
  • summarize the key concepts covered in this course

Overview/Description

Discover the importance of advocating for application security training and awareness and explore cloud development basics and common pitfalls and cloud vulnerabilities. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Cloud Infrastructure

Course Number:
it_spccsp19_06_enus
Lesson Objectives

CCSP 2019: Cloud Infrastructure

  • discover the key concepts covered in this course
  • recognize the physical aspect of a cloud platform
  • define the networking and communication architecture of a cloud platform including SDN
  • deploy a Microsoft Azure virtual network
  • define the compute service as it applies to the cloud platform
  • deploy a Microsoft Azure virtual machine
  • define storage and Storage as a Service within a cloud platform
  • deploy a Microsoft Azure storage account
  • explore cloud resources using the Microsoft Azure portal
  • explore cloud resources using command line tools
  • list requirements for logical design, including tenant partitioning and access control
  • summarize the key concepts covered in this course

Overview/Description

General categories of IT services in cloud computing include compute, storage, and networking. Explore how these services address business requirements, along with how GUI and command line tools are used to manage cloud resources. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Managing & Securing Cloud Infrastructure

Course Number:
it_spccsp19_10_enus
Lesson Objectives

CCSP 2019: Managing & Securing Cloud Infrastructure

  • discover the key concepts covered in this course
  • recognize hardware specific security configuration requirements such as BIOS, settings for TPM, KVM switches, HSM, storage controllers, and network controllers
  • deploy a cloud virtual machine using a template
  • install Microsoft Azure virtual machine extensions
  • define techniques to secure network configuration and network support tools, including VLAN, TLS, DHPC and Authorized DHCP, DNS, and IPsec
  • define the deployment of network security-related controls, including firewalls, IDS, IPS, honeypot deployment, and vulnerability assessment/threat mitigation
  • describe standalone and cluster host availability, backup, and failover, in addition to load balancing, dynamic optimization, maintenance mode, and general high availability best practice adoption
  • define operating system hardening techniques with reference to operating systems like Windows, Linux, VMware, etc.
  • deploy Microsoft Azure virtual machines into an availability set
  • connect to a Microsoft Azure Windows virtual machine using RDP
  • connect to a Microsoft Azure Linux virtual machine using SSH
  • view Microsoft Azure virtual machine metrics
  • enable Microsoft Azure virtual machine metric alerts
  • enable on-premises file server cloud backup
  • enable Microsoft Azure virtual machine cloud backups
  • summarize the key concepts covered in this course

Overview/Description

Fundamental to cloud service security are the construction and design of secure data centers and their hosted hardware and systems. Explore how to implement, operate, and manage physical and logical cloud infrastructure. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Cloud System Architecture Design

Course Number:
it_spccsp19_01_enus
Lesson Objectives

CCSP 2019: Cloud System Architecture Design

  • discover the key concepts covered in this course
  • define and describe cloud components
  • define cloud system participants - consumers, providers, partners, auditors, and regulators
  • outline the operational characteristics of cloud computing such as on-demand self-service, broad network access, multi-tenancy, rapid elasticity and scalability, resource pooling, and measured service
  • outline the supporting architectural components and infrastructure of cloud computing such as virtualization, storage, networking, databases, and orchestration
  • detail Cloud Computing Activities with reference to ISO/IEC 17789, Clause 9
  • define how cloud services are categorized based on supported services and capabilities such as application capability types, platform capability types, and infrastructure capability types
  • describe the industry-defined standard categories of cloud computing such as Software as a Service, Infrastructure as a Service, and Platform as a Service
  • describe the responsibility of cloud services between customers and providers
  • recognize the impact of technologies such as machine learning, artificial intelligence, blockchain, Internet of Things, containers, and quantum computing
  • describe business requirements such as Service Level Agreement, Master Service Agreement, Statement of Work, and stakeholders
  • differentiate between vendor and contract management, including right to audit, metrics, definitions, termination, litigation, assurance, compliance, access to cloud/data, and cyber risk insurance
  • describe the significance of surfacing the Supply Chain with reference to cloud-hosted application software
  • summarize the key concepts covered in this course

Overview/Description

Cloud services vary in size and complexity, and the deployed architecture impacts directly on service and data asset security. Explore aspects of cloud computing architectural design, as well as associated cloud systems and cloud components.



Target

Prerequisites: none

CCSP 2019: Data Center Security

Course Number:
it_spccsp19_07_enus
Lesson Objectives

CCSP 2019: Data Center Security

  • discover the key concepts covered in this course
  • describe risk as it applies to cloud services and underlying infrastructure and adopt a risk analysis and management posture regarding cloud computing
  • outline the integration of information security and risk management activities into a formal framework
  • describe known threats and attack vectors associated with cloud services and infrastructure
  • describe threat mitigation and attack handling techniques including ACL, designing in security, and adopting security measures
  • generate a Microsoft Azure storage account shared access signature
  • deploy a Microsoft Azure network security group
  • configure Microsoft Azure RBAC to control virtual machine management
  • recognize the difference between authentication and authorization
  • define auditing techniques and responsibilities within certain scopes, including asset access, asset status, deletions, archiving, and reporting
  • list various types of audit reports such as Statement on Standards for Attestation Engagements, Security Operations Center, and International Standard on Assurance Engagements
  • enable business continuity by replicating virtual machines to secondary regions
  • conduct a Microsoft Azure virtual machine failover test
  • deploy a Microsoft Azure virtual machine scale set
  • deploy a Microsoft Azure load balancer
  • summarize the key concepts covered in this course

Overview/Description

Risk management in the cloud ensures that realized threats have a minimal impact on business operations. Explore how security controls address security objectives, as well as the IT audit process and how to configure high availability for cloud services. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Data Retention & Events

Course Number:
it_spccsp19_05_enus
Lesson Objectives

CCSP 2019: Data Retention & Events

  • discover the key concepts covered in this course
  • configure Microsoft Azure cloud storage data retention policies
  • enable Microsoft Azure storage account soft deletion
  • configure Azure storage account blob archiving
  • configure a Microsoft Azure immutable blob storage access policy
  • describe eDiscovery in the cloud
  • filter Microsoft Azure resource management activity events
  • create Microsoft Azure log queries
  • list the various capabilities of SIEM such as data aggregation, correlation, alerting, compliance, retention, and forensic analysis
  • summarize the key concepts covered in this course

Overview/Description

Discover how to meet regulatory compliance needs by planning and implementing data retention, deletion, and archiving policies. Explore how data events can be analyzed and used for troubleshooting problems. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Data Security Technologies

Course Number:
it_spccsp19_03_enus
Lesson Objectives

CCSP 2019: Data Security Technologies

  • discover the key concepts covered in this course
  • define the various technologies associated with data asset security and protection
  • describe Amazon Web Services storage types including long term, ephemeral, and raw-disk
  • differentiate between data owner and data custodian, including risk profile, risk appetite, and responsibility
  • describe potential threats associated with storage types including ISO/IEC 27040
  • enable encryption for Microsoft Azure virtual machine disks
  • create a Microsoft Azure Key Vault and key
  • generate file hashes using Microsoft PowerShell
  • enable Microsoft Azure SQL Database dynamic masking (obfuscation)
  • describe data tokenization technologies
  • configure Microsoft Azure Information Protection
  • summarize the key concepts covered in this course

Overview/Description

The responsibility for managing data falls on the cloud customer. Explore data storage, threats, and security mitigations to help ensure data protection. Examine security techniques such as hashing, data masking, data tokenization, and data loss prevention. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Identity & Access Management

Course Number:
it_spccsp19_09_enus
Lesson Objectives

CCSP 2019: Identity & Access Management

  • discover the key concepts covered in this course
  • describe IAM
  • deploy a new Microsoft Azure AD tenant
  • create Microsoft Azure AD users and groups
  • create AWS users and groups
  • define single sign-on/off and its place within the cloud service security framework
  • synchronize on-prem Active Directory with Azure AD using AD Connect
  • attach policies to AWS users and groups
  • recognize how MFA enhances sign-in security
  • enable MFA for Microsoft Azure AD users
  • perform a cloud user MFA sign-in
  • summarize the key concepts covered in this course

Overview/Description

Explore how to design appropriate Identity and Access Management solutions using federated identity, identity providers, single sign-On, multi-factor authentication, and Cloud Access Security Broker. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Implementing Data Discovery & Classification

Course Number:
it_spccsp19_04_enus
Lesson Objectives

CCSP 2019: Implementing Data Discovery & Classification

  • discover the key concepts covered in this course
  • list IRM objectives such as data rights, provisioning, and access models
  • recognize data discovery approaches and techniques for structured and unstructured data
  • list challenges associated with data discovery in the cloud
  • enable data classification using Microsoft Azure Information Protection for sensitive data such as Protected Health Information, Personally Identifiable Information, and card holder data
  • recognize how PKI provides security for digital IT solutions
  • use PowerShell to create PKI certificates
  • generate certificates in a Microsoft Azure Key Vault
  • define how VPNs are used for secure cloud resource access
  • configure a Microsoft Azure point-to-site VPN
  • configure a custom Microsoft Azure Key Vault key for storage account encryption
  • summarize the key concepts covered in this course

Overview/Description

Proper data governance begins with labeling data and then applying security controls based on those labels. Explore information rights management and the challenges associated with data discovery, as well as the role PKI security certificates and VPNs play in the cloud. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Operational Controls & Standards

Course Number:
it_spccsp19_11_enus
Lesson Objectives

CCSP 2019: Operational Controls & Standards

  • discover the key concepts covered in this course
  • ensure compliance by using change management
  • recognize the importance of continuity management
  • describe components of a good information security management plan
  • recognize how to track and maintain detailed information about IT components within an organization
  • view SLAs for cloud services
  • identify digital forensic strategies that apply to cloud computing including the scope of the analysis
  • identify the hardware used for digital forensics
  • identify the software used for digital forensics
  • describe chain of custody for evidence collection and non-repudiation
  • view security listings in the Microsoft Azure Security Center
  • summarize the key concepts covered in this course

Overview/Description

Compliance with regulations and controls is one of the most crucial components of operation controls and standards. Explore management components used to ensure proper documentation, auditing, and accountability procedures are followed. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

CCSP 2019: Secure Cloud Computing

Course Number:
it_spccsp19_02_enus
Lesson Objectives

CCSP 2019: Secure Cloud Computing

  • discover the key concepts covered in this course
  • describe the deployment of Internal Information Security Management and Security Control Systems
  • describe the encryption of cloud-hosted assets
  • describe access and access control for cloud-hosted assets like data, files, and resources
  • outline asset and media management with respect to deletion, removal, and overwrite on a cloud platform
  • define issues and solutions relating to cloud network structures
  • deploy a jump box to limit direct cloud virtual machine access
  • capture traffic in a Microsoft Azure cloud computing environment
  • deploy a Microsoft Azure Firewall
  • define issues and solutions relating to cloud virtualization infrastructures including hypervisor security and container security
  • list and describe known and common threats to cloud infrastructure and data assets
  • define security responsibilities on a per cloud model
  • describe the security-based data life cycle of cloud-hosted assets like data, files, and features
  • describe business continuity and disaster recovery as it applies to a cloud service, RTO, RPO, RLO, and RSL
  • describe focus areas relating to the functional security of the cloud service including vendor lock-in, interoperability, portability, migration, etc. as per (ISO/IEC) 27017
  • describe methodologies for mapping cloud service requirements to service provider certification and product certifications
  • summarize the key concepts covered in this course

Overview/Description

Explore security solutions related to securing cloud-based IT systems and data including jump boxes and firewalls. Discover how disaster recovery concepts such as RTO and RPO apply to the cloud. This course can be used in preparation for the Certified Cloud Security Professional exam.



Target

Prerequisites: none

Close Chat Live