• Classroom
  • Online, Instructor-Led
Course Description

There is a lot of hype and uncertainty around cloud security, but this class will slice through the hyperbole and provide students with the practical knowledge they need to understand the real cloud security issues and solutions. The Cloud Computing Security Knowledge-Foundation class provides students a comprehensive one-day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, background on the CSA CCM and CAIQ tools, and the recommendations from the European Network and Information Security Agency (ENISA). This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security.

Learning Objectives

  • Describe cloud models and architectures, and how to apply the Shared Responsibility model to building a cloud security program.
  • Determine the impacts of cloud computing on governance, legal, risk, and regulatory compliance.
  • Adapt existing security principles and practices for cloud deployments, including the impact of cloud on all traditional security domains.
  • Apply Cloud Security Alliance Security Guidance, Cloud Controls Matrix, and other research to a cloud security program.
  • Evaluate how to secure the cloud management plane and ensure business continuity for cloud computing.
  • Compare the effectiveness of different access controls and cloud encryption models.
  • Assess how application security and secure software development change in the cloud.
  • Respond to security incidents in the cloud.
  • Develop Security as a Service (SECaaS) recommendations based on organizational requirements and legal obligations.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):