• Online, Self-Paced
Course Description

In a computing environment where client data assets are remotely hosted, data asset security becomes an important factor when considering the potential transition to cloud services. This course describes and explores issues relating to the management and protection of data assets hosted on a cloud platform, and data in transit to and from a cloud platform. In this course, you will learn about all aspects of data management: protection, auditing, access, legislative impact, storage, deletion, security, ownership, data rights management, encryption, classification, known threats to data assets, and threat mitigation. The course covers the essential topics for the ISC2's Certified Cloud Security Professional examination Domain 2 requirements.

Learning Objectives

The Lifecycle of Cloud-hosted Data Assets

  • start the course
  • define the various life stages of cloud-hosted data assets
  • define the various technologies associated with data asset security and protection


Cloud Storage Systems Design/Deployment

  • define storage modes in a cloud computing environment, and be able to map data assets to appropriate storage mode
  • define and describe potential threats associated with storage types
  • define threat mitigation technology and techniques


Data Security Design and Application

  • define encryption as it applies to cloud-hosted data
  • describe key-pair management as it applies to cloud-hosted data
  • describe data masking and masking methodologies
  • describe data tokenization technologies
  • describe technology selection with respect to criteria


Data Privacy and Protection

  • list active data privacy protection legislation by jurisdiction Data Privacy Acts/Laws
  • describe data discovery and its implementation methodologies
  • outline data classification and the classification of discovered sensitive data
  • detail data asset mapping to data control types


Data Rights Management

  • define data rights objects in terms of user access control, managing roles, and role-based access options


Data Management

  • define data retention policy principles and how to develop appropriate practices
  • outline principles, and how to define and manage data deletion procedure and methodologies
  • outline principles, and how to define and manage data archiving procedures and methodologies


Data Events and Audit Management

  • list event sources and associated identity
  • detail event recording, analyzing event data, and aspects of storage and protection of event data
  • describe COC as it applies to data hosted on the cloud and understand how nonrepudiation is handled within a cloud hosting environment


Practice: Cloud Data Security

  • describe common storage media threats, data protection techniques and failover architectures


Framework Connections