About CCSK training:
Cloud Computing Security Knowledge (CCSK) is the world leading cloud security certification coming from the Cloud Security Alliance. The certification covers all major aspects in cloud security including risk management, provider evaluation, infrastructure and application security, identity management and much more.
CCSK Foundation: Frontal teaching of 6 modules that covers all topics relevant to Cloud Computing security.
About the instructor:
Moshe Ferber is a leading information security expert with rich 20 years’ experience in information security, and specialist’s expertise in identity management, information security event management and related innovative technologies. In the past served as information security manager for Ness Technologies, founder of Cloud7, a MSSP provider and plenty more. Mr. Ferber is one of the most experienced CCSK trainers who taught hundreds of students and spoke at numerous public speaking events worldwide
Cloud Computing Security Knowledge – Foundation
7.3.2016 9:00-17:00 (7 CPE)
There is a lot of hype and uncertainty around cloud security, but this class will cut through that and provide students with the practical knowledge they need to understand the real cloud security issues and solutions. The Cloud Computing Security Knowledge- Foundation class provides students a comprehensive one day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA).
This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
At the end of this Cloud Security training course students will have built a deeper understanding of:
- Cloud computing characteristics, resources, service models and security considerations
- Creating and Securing a Public Cloud Instance how is security impacted by the adoption of one or more cloud service models. What to expect from providers. Risk, Governance and Compliance considerations when looking at Cloud solutions.
- Securing Data in the Public Cloud cloud data storage options, moving data throughout the management lifecycle and encryption architectures.
- Securing users and applications in the cloud include the provider in your threat assessment, testing implications, Identity Management standards.
- Creating and Securing Private Cloud virtulisation security concepts, managed internally or externally, on or off site.
WHO SHOULD ATTEND
This Cloud Security training course is aimed at Security professionals, IT Managers, those responsible for technical risk, governance and assurance, those delivering cloud solutions and those looking at expanding their cloud security knowledge. It is expected that attendees will have knowledge of security fundamentals such as: firewalls, encryption, secure development and identity management.
This course is broken out into 6modules that cover the 13 domains of the CSA Guidance and the ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security.
Module 1: Introduction to Cloud Computing. This module covers the fundamentals of cloud computing, including definitions, architectures, and the role of virtualization. Key topics include cloud computing service models, delivery models, and fundamental characteristics. It also introduces a model for assessing the risk of moving to the cloud.
Module 2: Infrastructure Security for Cloud Computing. This modules digs into the details of securing the core infrastructure for cloud computing- including cloud components, networks, management interfaces, and administrator credentials. Students will learn the key components to public and private clouds and techniques for securing them.
Module 3: Managing Cloud Security and Risk. This module covers important considerations for managing security for cloud computing. It begins with risk assessment and governance, then covers legal and compliance issues, such as discovery requirements in the cloud. It finishes with a discussion or portability and interoperability and managing incident response when working with cloud providers.
Module 4: Data Security for Cloud Computing. One of the biggest issues in cloud security is protecting data. This module covers information lifecycle management for the cloud and how to apply security controls, with an emphasis on public cloud. Topics include the Data Security Lifecycle, cloud storage models, data security issues with different delivery models, and managing encryption in and for the cloud.
Module 5: Application Security and Identity Management for Cloud Computing. This module covers identity management and application security for cloud deployments. Topics include federated identity and different IAM applications, secure development, and managing application security in and for the cloud.
Module 6: Selecting Cloud Services. This module covers key considerations when evaluating, selecting, and managing cloud computing providers. It includes important questions to ask and what to look for. We also discuss the role of Security as a Service providers.