Certified Cloud Security Officer
Are you ready for the cloud? The cloud has everyone up in arms when discussing security! The benefits of the cloud are great; however, many companies have concerns about adopting a cloud architecture due to the inherent security risks of adding this additional architectural layer. This course provides what you do not find in other classes: knowledge tailored around the 6 domains of the C)CSO examination, combined with implementing cloud security, auditing and compliance. It is delivered through a unique presentation of the C)CSO domains along with the hands-on labs needed to truly understand what is happening to your data at all layers of the cloud stack. This is a relevant course which introduces many technologies used in the cloud, from implementing a vRealize cloud to using a new key management solution from various vendors.
Virtualization Administrators, Cloud Administrators, CIOs, Virtualization and Cloud Auditors, Virtualization and Cloud Compliance Officers, anyone who needs a general understanding of security in the cloud, and those seeking the CCSP Certification.
Recommended: a minimum of one year of experience with virtualization technology or equivalent knowledge, a general understanding of cloud architectures, and a minimum of one year of experience with general security.
Learning Outcomes / Objectives
- To gain the knowledge needed to pass the Certified Cloud Security Officer Exam.
- To fully understand cloud security from a real-world viewpoint.
- To receive the hands-on experience needed to implement cloud security with VMware vRealize, VMware vSphere, Amazon AWS, Microsoft Azure and other products generally used in cloud implementations.
- To have a general working knowledge of what to audit in a cloud architecture.
- To know hands-on methods of auditing a cloud environment from a best-practices security viewpoint.
- To understand how compliance is viewed and dealt with in the cloud.
Continuing education: 40 CEUs
The Certified Cloud Security Officer exam is taken online through Mile2’s Assessment and Certification System (“MACS”), which is accessible through your mile2.com account. The exam takes 2 hours and consists of 100 multiple-choice questions. The cost is $400 USD, and the exam must be purchased from Mile2.com.
Module 0 – Course Introduction
Module 1 – Cloud Introduction and Design Fundamentals
- Cloud Introduction
- Including deep dive into the virtualization layer
- Cloud and Business Objectives Meet as One
- Cloud Security from A-Z
- Design Doctrines
- How do we find Trusted Cloud Services?
Module 2 – Data Security in the Cloud
- Data Life Cycle
- Data Storage Designs for the Cloud
- Strategies for Designing Data Security
- Data Discovery and Classification Technologies
- Understanding Jurisdictional Data Protection for Personally Identifiable Information (PII)
- All about Data Rights Management
- Data Retention, Deletion, and Archival Policies
- Auditability, Traceability, and Accountability of Data Events
Module 3 – The Basis for Cloud Security and Surrounding Environment
- Understanding Cloud Infrastructure Components
- Analyze Risks in the Cloud Infrastructure
- Security Control Design for the Cloud
- Disaster Recovery and Business Continuity Management for the Cloud
Module 4 – Application Security in the Cloud
- Training and Awareness for Application Security
- Software Development Life Cycle (SDLC) Process
- Learning to apply the Secure Software Development Life Cycle
- Verifying the use of Secure Software
- Proper use of Identity and Access Management (IAM) Solutions
- Additional components used in the Cloud Application Architecture
- Software Assurance and Validation
Module 5 – Managing Cloud Security
- Supporting the Data Center Design
- Physical Infrastructure for the Cloud
- Running the Physical Infrastructure
- Managing the Physical Infrastructure
- Building the Logical Infrastructure for the Cloud
- Running the Logical Infrastructure for the Cloud
- Managing the Logical Infrastructure for the Cloud
- Maintaining Compliance with Regulations and Controls
- Conducting Risk Assessment for the Logical and Physical Infrastructure
- Properly plan for the Collection, Acquisition and Preservation of Digital Evidence
- Managing Communications with Relevant Parties
Module 6 – Legal Issues, Auditing, and Compliance
- Discussing the Legal Requirements and Risks Unique to the Cloud
- Privacy Issues and the relevance of Jurisdiction
- The Audit Process and Methodologies for the Cloud
- Cloud to Enterprise Risk Management
- Contract design for Outsourcing and Cloud Agreements
- Managing Vendors in the Cloud
Labs – Not all of these are required during class, but they will be leveraged to better understand the complexities of cloud security. This is a general list, not a complete list of every lab.
- Cloud Migration Evaluation
- Understanding the virtual layer, hacking included
- Understanding how network traffic routes in the virtual and cloud layer
- Harden the virtual layer: management layer, hypervisor and the VMs
- Set up and deploy an IaaS solution
- Set up a SaaS solution
- Set up a PaaS solution
- Evaluate SaaS, PaaS, and IaaS solutions for security capabilities
- Cloud Business Driver Audit
- Service Level Agreement Exercise
- Identity and Access Control Management
- Encryption and Key Management
- Small Scope Private Cloud Security Audit