There is a lot of hype and uncertainty around cloud security, but this class will slice through the hyperbole and provide students with the practical knowledge they need to understand the real cloud security issues and solutions. The Cloud Computing Security Knowledge-Foundation class provides students a comprehensive one-day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, background on the CSA CCM and CAIQ tools, and the recommendations from the European Network and Information Security Agency (ENISA). This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security.
Learning Objectives
- Describe cloud models and architectures, and how to apply the Shared Responsibility model to building a cloud security program.
- Determine the impacts of cloud computing on governance, legal, risk, and regulatory compliance.
- Adapt existing security principles and practices for cloud deployments, including the impact of cloud on all traditional security domains.
- Apply Cloud Security Alliance Security Guidance, Cloud Controls Matrix, and other research to a cloud security program.
- Evaluate how to secure the cloud management plane and ensure business continuity for cloud computing.
- Compare the effectiveness of different access controls and cloud encryption models.
- Assess how application security and secure software development change in the cloud.
- Respond to security incidents in the cloud.
- Develop Security as a Service (SECaaS) recommendations based on organizational requirements and legal obligations.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.