Cloud Security: intermediate
Expertise:
- 12 Courses | 13h 52m 27s
- 3 Books | 24h 38m
- 14 Courses | 12h 40m 31s
- 7 Books | 21h 45m
- 27 Courses | 19h 2m 27s
- 7 Books | 37h 10m
The cloud is a powerful place, and like local networks, a high level of security is required to be protected from cybersecurity threats and risks. Come learn the various aspects of cloud security.
GETTING STARTED
Cloud Security Fundamentals: Basics of Cloud Operations
-
1m 13s
-
10m 44s
GETTING STARTED
CCSP 2022: Cloud Computing Concepts & Reference Architectures
-
1m 19s
-
7m 16s
COURSES INCLUDED
Cloud Management
Learners can explore cloud deployment considerations, cloud management, and some of the challenges and considerations resulting from different types of cloud platforms, in this 14-video course. To begin, take a look at the challenges of cloud service such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). This leads into learning about challenges introduced by different types of cloud platforms such as public, private, hybrid, and community. Learners next explore considerations related to cloud management and study specifics about cloud application architecture, and Identity and Access Management (IAM) solutions. Discover how to differentiate between physical versus logical infrastructure for cloud operations, and how to implement operational controls and standards. Observe how to ensure compliance with regulations and controls, such as Information Technology Infrastructure Library (ITIL) and ISO/IEC 20000-1; learn to recognize different privacy concerns; and take a look at auditing, its processes and methodologies. Examine the importance of Service Level Agreements (SLAs), and finally, learn about vendor management considerations such as supply chain risk.
14 videos |
1h 12m
Assessment
Badge
Cloud Platform Security: Designing Secure Access
In this course, you'll examine the principles of identity and privileged access management, which will help you and your organization to secure the content in the cloud. We will take a deep dive on IAM concepts of three platforms, configuring the directory services and identifying regions. You'll also learn about securing the cloud resources using subnets, virtual private clouds, security groups and virtual networks.
16 videos |
1h 30m
Assessment
Badge
Cloud Platform Security: Infrastructure Protection
In this course, you'll learn how to protect organizational cloud infrastructure by optimizing security using tools like Azure Advisor. This will help you to understand seccurng cloud contents, configuring the security for these contents, methods of implementing access control lists (ACLs) to secure the storage and network in the cloud. You'll explore how to apply security measures on different levels of security using available features, tools and also you will learn about hardware security modules and key vaults.
18 videos |
1h 32m
Assessment
Badge
Cloud Platform Security: System Monitoring & Protection
Cloud system monitoring is used to proactively identify and evaluate security vulnerabilities and allow organizations to explore options to protect their assets using available cloud platform tools. In this course, you'll learn how to proactively shield cloud infrastructure by monitoring organizational security using built-in Azure and Google Cloud Platform (GCP) security tools and services. You'll examine how to use monitoring tools like security information in Azure, Google Cloud Armor, Google Cloud Scanner, and the VM placement algorithm to prevent threats.
13 videos |
1h 29m
Assessment
Badge
Cloud Platform Security: Incident Response & Remediation
In this course, you'll learn how to remeditate cloud infrastructure security vulnerabilities by detecting and responding to them. Both Azure and the Google Cloud Platform (GCP) provide tools to mitigate and recover from data loss. Tools that can be leveraged for security incidence response and mitigation include the Azure Security Centre (ASC), Cloud Security Scanner, and Google Cloud Security Command Centre (SCC).
12 videos |
1h 9m
Assessment
Badge
Cloud Platform Security: Platform & Infrastructure Security
The physical site of the data center, along with the physical and virtual assets, play a very important role in cloud security. Network assets, storage, and the software layout of virtualization are important tools in bringing cloud up as a service. In this course, you'll learn about the physical cloud assets and the basic concepts of regions and availability zones. You'll also learn why it's important to secure them and protect them from various external attacks and processes.
8 videos |
52m
Assessment
Badge
Cloud Security Management: Architecture Security
Cloud objects are very dynamic, so it is important to be familiar with current cloud core design, as well as cloud security and integrity. In this course, you'll learn about cloud security management. You'll examine key terms and cloud roles that can be adopted to meet client requirements. In addition, you'll explore cloud transition scenarios, how to secure the cloud perimeter, the importance of access control, common cloud threats, and cloud model security considerations. Lastly, you'll learn about the secure data life cycle, business continuity, and disaster recovery planning.
12 videos |
1h 12m
Assessment
Badge
Cloud Security Management: Operations Security
Operations is one of the most crucial steps in the administration process. Handled properly, they ensure loop holes get closed and provide evidence details that can be used in issue tracking. In this course, you'll learn about different types of operations, how to execute them, and why they are important in the dynamic nature of the cloud. You'll also learn about communicating with stakeholders, digital evidence, and business continuity planning.
12 videos |
1h 24m
Assessment
Badge
Cloud Security Management: Data Security
Data is the key to information on different components within an organization, so it's vital to understand and manage data and security events. With the dynamic nature of the cloud, it's also essential to understand how to track and secure data. In this course, you'll learn about the different types of data and how to securely manage it. In addition, you'll examine different types of compliance, privacy rights, and protection policies.
10 videos |
48m
Assessment
Badge
Cloud Security Management: Risk Management
Every organization needs to understand risk and be familiar with how to mitigate it. Cloud services have different stakeholders and projects, and for this reason having a good understanding of risk is important. In this course, you'll learn about different types of risk and how to properly manage them. In addition, you'll explore risk auditing, business continuity, and disaster recovery.
9 videos |
1h 4m
Assessment
Badge
Cloud Security Management: Platform & Infrastructure Security
The physical site of the data center, along with the physical and virtual assets, play a very important role in cloud security. Network assets, storage, and the software layout of virtualization are important tools in bringing cloud up as a service. In this course, you'll learn about the physical cloud assets and the basic concepts of regions and availability zones. You'll also learn why it's important to secure them and protect them from various external attacks and processes.
8 videos |
49m
Assessment
Badge
Cloud Security Management: Legal & Compliance
It is important to understand the different cloud compliance procedures that should be followed by service providers and data owners. It's also vital to be familiar with the various cloud-specific legal compliance guidelines. In this course, you'll learn about international legislation conflicts, cloud-specific risks, legal controls, e-Discovery processes, and requirements for forensic analysis.
9 videos |
47m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
Cloud Security Fundamentals: Basics of Cloud Operations
Learners can build a foundation for upcoming cloud security topics by exploring cloud definitions, roles, deployment models, characteristics, and building block technologies in this 9-video course. In the first tutorial, you will learn what cloud computing is, its definitions, and roles. You will then examine the characteristics of key cloud computing models, including Infrastructure as a Service (IaaS), Software as a Service (SaaS), and Platform as a Service (Paas). Learners next take a look at the building blocks of what makes cloud computing tick, which is virtualization technology. Following on from this, you will explore compute building block technologies; storage building block technologies, and networking building block technologies. You will also need to be aware of the different database building block technologies offered by your cloud provider. In the final tutorial in this course, learners will compare common public cloud solution provider (CSP) product offerings. In the concluding exercise, you will need to list four advantages of cloud computing, four common software as a service solutions, and four database building block technologies.
10 videos |
54m
Assessment
Badge
Cloud Security Fundamentals: Architectural & Design Concepts
In this 9-video course, learners explore the fundamentals of cloud architecture and design, including three-tier design, shared responsibility, development lifecycles, risk management, and migration and deployment strategies. Begin by taking a look at a common three-tier design model, consisting of a web tier, an application tier, and a database tier model. You will also examine how to expand this into a four-tier model, for more granular visibility and security in the middle layers. The next tutorial concerns the importance of understanding the shared responsibility between your organization, your data center, your assets, your server farms, your development code, and your provider. Learners will then observe how to perform cost/benefit analysis for the cloud service provider (CSP). Also, you will explore common development lifecycles, and learn about the basics of risk management. Delve into common deployment and migration strategies, and the Cloud Security Alliance (CSA) cloud data lifecycle. In the final tutorial, learners will examine the basics of storage management lifecycles. The concluding exercise directs learners to describe cloud architecture concepts,
10 videos |
32m
Assessment
Badge
Cloud Security Fundamentals: Cloud Infrastructure Security
Learners discover how to secure the Cloud Solution Provider (CSP) account from the outset by using best practices and techniques, in this 11-video course. Other infrastructure security concepts such as Integrated Access Manager (IAM), network access control lists (NACLs), firewalls, and web application firewalls (WAFs) are also covered. Begin by learning about designing and planning security controls to ensure adequate protection of resources. Then explore practical aspects of dealing with a cloud service provider and securing the root account, or billing account. The next tutorial focuses on IAM groups and users, which leads into examining IAM policies and permissions. You will learn how to define IAM roles; explore secure management access; and define network access control lists. Learn about secure management access and Secure Shell (SSH) and transport layer security (TLS). Learn how to define NACLs; configure stateful firewalls (which track connections and automatically allow returning traffic) in the cloud; and describe WAFs. In the final tutorial, discover best practices for hardening virtual machines. The concluding exercise asks learners to describe cloud infrastructure security.
12 videos |
58m
Assessment
Badge
Cloud Security Fundamentals: Cloud Data Security
In this 10-video course, you will learn about securing cloud data-at-rest and data-in-transit by using various cryptographic mechanisms and security controls offered by the cloud service provider. To begin, you will take a look at cryptographic mechanisms, and then move on to common cryptography protocols. In the next tutorial, you will compare client-side encryption (CSE) and server-side encryption (SSE), and then examine file and database security. You will explore object storage security, examples of which would be Google Cloud Storage and Amazon's S3, before taking a look at using key management services from the cloud service provider. Observe how to define public key infrastructure (PKI), which is based on asymmetric key cryptosystems. In the final tutorial in this course, you will be examining hardware security modules, or HSM. A module is a device or a modular component or a piece of hardware that protects and manages digital keys, which can be session keys, private keys, part of a PKI. The concluding exercise entails describing cloud data security.
10 videos |
47m
Assessment
Badge
Cloud Security Fundamentals: Cloud Application Security
Explore how to secure applications in the cloud, including training and awareness, assurance and validation, the secure software development lifecycle (SDLC), federated services, single sign-on (SSO), and advanced managed services from cloud providers, in this 8-video course. Begin by learning to define training and awareness in application security, and then learn about cloud software assurance and validation. The next tutorial concerns using verified secure software, focusing on two methodologies for security testing or application security testing (AST), in your organization. You will then learn about applying the secure software development lifecycle. You will take a look at comparing cloud application architectures, which includes the five key steps to building a secure cloud-ready application. You will discover federation and SSO solutions, and finally, observe how to compare advanced cloud security products. In the concluding exercise, you are asked to list methods of creating security awareness, methods for enhancing application security in the cloud, and the steps of successful software validation.
9 videos |
43m
Assessment
Badge
Cloud Security Fundamentals: Legal & Compliance
In this 8-video course, you will explore the critical and often over-looked approaches to legal and regulatory compliance when working with cloud solution providers. The best way to manage compliance by using different regulations and different security controls is to have some type of methodology or architecture, and this can involve a wide variety of different practices, so you will take a look at some of these practices. Next, you will delve into legal requirements and risks as it is important to be aware of certain legal requirements and regulations and other risks that go along with various aspects of dealing with cloud computing. You will continue by examining privacy issues and jurisdictional variation. Next, you will learn about audit processes and methodologies for the cloud, followed by outsourcing and cloud contract design. The final tutorial in this course focuses on common regulations and mandates. The concluding exercise directs learners to describe legal and compliance issues in the cloud.
8 videos |
29m
Assessment
Badge
Cloud Computing Fundamentals: Presence & Privacy
Security and privacy are major concerns in cloud computing. Discover the importance of understanding the presence and privacy factors when conducting business in the cloud.
10 videos |
34m
Assessment
Badge
Cloud Computing Fundamentals: Risk Management
Although most concerns regarding security in the cloud are exaggerated, there are specific areas to be aware of and cautious about. Explore some of the key risk areas and methods that can be used in risk assessment when moving to the Cloud.
9 videos |
56m
Assessment
Badge
Cloud Security Administration: Introduction
While importing data or running workloads in the cloud, it is important to ensure security and consider various associated risks. There are regulatory certifications that help ensure that all assets in the cloud are safe and that all procedures have been implemented to protect the client's intellectual rights and data. In this course, you'll examine different government regulations, compliance, and e-frameworks. In addition, you'll learn about audit and cloud certification that can help customers understand the type of workload running in the cloud.
11 videos |
1h 5m
Assessment
Badge
Cloud Security Administration: Infrastructure Planning
Cloud infrastructure consists of the physical location of the cloud data center. Depending on the data center location, there are different risks that are taken by the service provider and different methods used to tackle security issues. A secure cloud is created by using open source software and creating a technical support pool. Additionally, basic security concepts like protecting data in motion and in rest using encryption can be employed so that clients can only see their data. In this course, you'll learn about baselining cloud infrastructure, different components like hardware and software, and challenges faced in cloud environments.
13 videos |
55m
Assessment
Badge
Cloud Security Administration: Cloud Data & Application Security
Various applications are persisting in the cloud, proper practices have to be followed to secure their code and data. The cloud being a modular product, it has large amount of code associated and integrated into it. For this reason, proper life cycle management is required. This includes patching, encryption, and minimizing business impact, and ensuring the tools and applications are available. In this course, you'll learn about the cloud software life cycle, securing the applications, and securing access to different assets in cloud.
13 videos |
1h
Assessment
Badge
Cloud Security Administration: Hardened Cloud Security
An important concept in cloud security is system and OS hardening, which can aid in reducing software vulnerability and provide data confidentiality and privacy. Hardening protects against exploitation of weaknesses in software, which could be applications, operating systems, or firmware. Vulnerability assessments and using penetration testing to discover issues in code or software can be used to protect the software. In this course, you'll learn about hardening, why it's important to decrease or eliminate security vulnerabilities, and best practices for software and hardware protection.
10 videos |
45m
Assessment
Badge
Cloud Security Administration: Continuous Operational Improvement
"To manage, operate, and maintain the cloud environment, proper procedures have to be in place. In this course, you'll learn about design concepts and the various models that can be used for operational improvements. You'll then move to on learn about how to create a management plan, ITSM operation management, risk management, and stakeholder communication. "
11 videos |
1h 26m
Assessment
Badge
Cloud Security Administration: Regulatory Conformance
While importing data or running workloads on the cloud, it's important to ensure security and be aware of risks. In this course, you'll learn about various cloud regulatory certifications that help ensure that all cloud assets are safe and all procedures have been implemented to protect client data and intellectual rights. You'll also explore the e-Discover process, cloud auditing, service level agreements, and supply chain management.
11 videos |
1h 29m
Assessment
Badge
SHOW MORE
FREE ACCESS
COURSES INCLUDED
CCSP 2022: Cloud Computing Concepts & Reference Architectures
There are several cloud computing fundamental definitions, characteristics, and building block technologies each CCSP candidate should know. Learn about these and other core cloud computing concepts in this CCSP course. Explore the core fundamentals, core concepts, and technologies of cloud computing, such as cloud roles and responsibilities, broad network access, virtualization, and others. Next, study cloud computing's shared considerations and value propositions, including interoperability, agility, security, resiliency, performance, and more. Finally, examine the impact of cloud and related technologies like data science, artificial intelligence (AI), the Internet of Things (IoT), DevSecOps, and others. This is one of a collection of courses that fully prepares the learner for the (ISC)² Certified Cloud Security Professional (CCSP) 2022 exam.
11 videos |
1h
Assessment
Badge
CCSP 2022: Cloud Security Concepts & Design Principles
Candidates for the CCSP exam will need to have a foundational knowledge of cloud security concepts and design principles. Through this course, learn about the cloud security concepts and design principles of the CCSP 2022 exam. Learn about cryptography, identity and access control, and the cloud secure data lifecycle. Next, study networking and virtualization security, common cloud threats, cloud security hygiene, and cloud-based business continuity and disaster recovery plans. Finally, discover the functional security requirements and responsibilities for cloud service types and design patterns and explore DevOps security. This is one of a collection of courses that fully prepares the learner for the (ISC)² Certified Cloud Security Professional (CCSP) 2022 exam.
13 videos |
56m
Assessment
Badge
CCSP 2022: Cloud Data Security
One of the most tested areas on the CCSP exam is the critical function of cloud data security. In this course, you will explore a wide array of data concepts and storage architectures. You will discover data obfuscation techniques like masking, anonymization, and tokenization as well as Data Loss Prevention (DLP) and Information Rights Management (IRM). Finally, you will explore data discovery, classification policy, and data event auditability and traceability. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
44m
Assessment
Badge
CCSP 2022: Cloud Infrastructure & Platform Components
Each CCSP candidate must approach the exam in two roles. One role is that of a customer of a large cloud service provider, and the other is that of a security manager overseeing their own cloud data center infrastructure. With this course, look deeper at cloud infrastructure and platform components. In this course, learn about the physical and network cloud environments. Next, explore cloud communications and the compute resources of cloud. Finally, examine cloud virtualization resources, core components of cloud storage, and the management plane. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
9 videos |
33m
Assessment
Badge
CCSP 2022: Data Center Design & Risk Analysis
CCSP exam candidates will need to have a solid foundation in best practices for data center design and managing potential cloud risks and vulnerabilities. In this course, you will explore the aspects of resilient and secure data center design, including logical, physical, and environmental considerations. You will also explore cloud infrastructure risk assessment, cloud vulnerabilities, threats, and attacks, as well as cloud risk mitigation strategies. This course is one of a collection that prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
9 videos |
50m
Assessment
Badge
CCSP 2022: Planning & Implementing Security Controls
Security controls play a critical role in effective cybersecurity management. Properly planning and implementing security controls helps to provide protection for a wide variety of infrastructures within an organization. Through this course, explore tactical approaches for planning and implementing security controls. Learn about planning and executing on-premises physical and environmental protection. Next, discover how protection works for operating systems and storage. Finally, explore communication object resource protection in a cloud data center, cloud identity management (IdM), and auditing mechanisms. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
9 videos |
35m
Assessment
Badge
CCSP 2022: Cloud Business Continuity Planning
When it comes to continuity of operations, the CCSP candidate must look at business continuity from the perspective of data center security management, as well as leveraging cloud managed services for continuity as a large customer. In this course, explore the main elements of business continuity planning (BCP). You will focus on the business impact analysis (BIA), including Recovery Time Objective (RTO), Recovery Point Objective (RPO), and recovery service levels. Then, you will examine different backup and restore policies and take a look at disaster recovery planning (DRP) and managed DRP cloud solutions. Finally, you will discover various disaster recovery plan testing strategies. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
7 videos |
34m
Assessment
Badge
CCSP 2022: Application Security Awareness & Life Cycles
A primary goal of the CCSP exam is to determine if each candidate can offer assurance that a cloud DevOps solution can be transitioned into a DevSecOps solution. This process involves confidentiality, integrity, authenticity, availability, and properly implementing non-repudiation services. With this course, learn about application security and secure software development life cycle (SDLC) processes. Explore cloud application architecture components and development and cloud development basics. Next, learn about SDLC business requirements and phases, as well as software threat modeling methods. Finally, examine secure coding methods, the software configuration management (SCM) process, and versioning. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
9 videos |
53m
Assessment
Badge
CCSP 2022: Software Assurance & Validation
It's one thing to make an impressive presentation to upper management and acquire the necessary resources to lower risks to your cloud resources. However, the decision-makers will expect an ongoing assessment of the success of the various implemented countermeasures and controls. With this course, learn about cloud software development assurance and validation. Explore functional and non-functional testing approaches and security testing methods. Next, examine OWASP API security strategies and the basics of supply chain management. Finally, learn about third-party software management and open-source software validation and vulnerabilities. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
28m
Assessment
Badge
CCSP 2022: Identity & Access Management Solutions
Today, as employees gain access to their work apps and networks through a variety of devices, many cloud organizations are transitioning to zero trust environments where identity verification replaces traditional security perimeters - and implementing strong identity and access management solutions can help them better manage security risks. In this course, explore cloud identity access management and identity management services, federated identity, identity providers, single sign-on, multi-factor authentication, cloud access security brokers, managed security service providers, and secrets management services. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
29m
Assessment
Badge
CCSP 2022: Build & Implement a Physical & Logical Cloud Infrastructure
This course looks under the hood at the logical and physical aspects of the cloud data center, whether it be on-premises or at a cloud service provider. Explore hardware-specific security configuration requirements and installation and configuration of management tools. Next, examine virtual hardware security configuration requirements, focusing on software-defined security (SDS) and storage area network (SAN) security, including best practices of storage and network controllers. Then, learn how to install guest OS virtualization tools. Finally, focus on secure network configuration with DNS Security Extensions and transport layer security. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
7 videos |
27m
Assessment
Badge
CCSP 2022: Operate & Maintain Physical & Logical Cloud Infrastructure
CCSP exam candidates will be expected to have a strong foundation in the continual operations and maintenance of the cloud data center. In this course, you will explore the physical and logical cloud infrastructure from an operations and maintenance perspective, including network security controls, operating system hardening, patch management, and Infrastructure-as-Code (IaC). Then, you will examine hypervisor cluster management, including clustered host and guest OS availability, virtual machine cluster performance, and capacity monitoring. Finally, you will take a look at backup and restore functions of hosts and guests. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
8 videos |
27m
Assessment
Badge
CCSP 2022: Operational Controls & Standards
An integral part of a Certified Cloud Security Professional's role is to implement operational controls and standards, like those from Information Technology Infrastructure Library (ITIL) and International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 20000-1. In this course, you will discover common governance processes. Begin by exploring configuration management and change management to ensure accurate information is available and maximize successful service changes. Then, focus on how to keep business functions maintained in the event of a disaster through continuity management. Learn how to protect your organization with a comprehensive information security management plan and how to set clear business-based targets for service performance with service level management strategies. Next, investigate the differences between incident and problem management, and release and deployment management. Finally, examine availability and capacity management to ensure that IT services meet the needs of customers and users. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
31m
Assessment
Badge
CCSP 2022: Manage Security Operations
Most large cloud service providers manage their global resources with a regional security operations center (SOC). SOC activities include intelligent security control monitoring, log capture and analysis with SIEM and SOAR systems, incident management, and vulnerability assessments. Through this course, learn how to manage and control security operations. Examine third-party communication management and security operations centers. Next, learn about various intelligent security control monitoring solutions and log capture and analysis. Finally, explore the incident management and vulnerability assessment processes. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
7 videos |
28m
Assessment
Badge
CCSP 2022: Legal Requirements, Privacy Issues, & Risk Management in the Cloud
Cloud computing presents a number of unique risks and issues since it routinely crosses many geographic and political boundaries, and international legislation, regulations, and privacy requirements can conflict with one another. In this course, examine the legal and privacy issues that a Certified Cloud Security Professional can expect to face. Begin by investigating conflicting international laws, eDiscovery, and Cloud Security Alliance (CSA) guidance. Then, focus on personal privacy issues related to protected health information (PHI), personally identifiable information (PII), and privacy impact assessments (PIAs), and compare privacy requirements including ISO/IEC 27018, Generally Accepted Privacy Principles (GAPP), and General Data Protection Regulation (GDPR). Finally, explore risk management by assessing risk management programs and studying regulatory transparency requirements, including breach notification, Sarbanes-Oxley (SOX), and GDPR. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
25m
Assessment
Badge
CCSP 2022: Cloud Audits, Methodologies, & Contracts
In this final Certified Cloud Security Professional (CCSP) course, the legal, risk and compliance objectives of Domain 6 continue to be explored. Through this course, gain a better understanding of cloud audits, methodologies, and contracts. Begin by exploring audit controls, reports, and their impact. Next, examine the topic of gap analysis and internal information security management systems. Finally, learn about other key concepts, including policies and stakeholder involvement, specialized compliance requirements, the impact of distributed IT, business agreement requirements, vendor management, contract management, and supply-chain management. This is one of a collection of courses that fully prepares the learner for the ISC2 Certified Cloud Security Professional (CCSP) 2022 exam.
10 videos |
26m
Assessment
Badge
CCSP 2019: Cloud System Architecture Design
Cloud services vary in size and complexity, and deployed architecture carries a direct impact on service and data asset security. In this 15-video course, learners explore aspects of cloud computing architectural design, along with associated cloud systems and components. Begin by looking at cloud component definitions and various cloud system participants: consumers, providers, partners, auditors, and regulators. Next, view operational characteristics of cloud computing: on-demand, self-service, broad network access, multi-tenancy, rapid elasticity and scalability, resource pooling, and measured service. Look at supporting architectural components and infrastructure of cloud computing such as virtualization and storage. Examine details of Cloud Computing Activities with reference to ISO/IEC 17789, clause 9. Learn how cloud service categories are based on supported services and capabilities such as application, platform, and infrastructure capability types, and examine cloud deployment categories and models. Learn about the responsibility of cloud services between customers and providers. Explore the impact of technologies such as machine learning, and examine business requirements and contracts and aspects of vendor and contract management. A final exercise covers supply chain management. This course will help a learner prepare for the (ISC)2 Certified Cloud Security Professional (CCSP) exam.
14 videos |
53m
Assessment
Badge
CCSP 2019: Secure Cloud Computing
Explore security solutions related to securing cloud-based IT systems and data including jump boxes and firewalls in this 13-video course. Discover how disaster recovery concepts such as RTO (recovery time objective) and RPO (recovery point objective) apply to the cloud. This course prepares learners for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Examine Internal Information Security Management and Security Control Systems, cryptography, and encryption of cloud-hosted assets. Learn about access control for cloud-hosted assets, asset removal, and storage media sanitization. Explore cloud network security issues and solutions such as firewall access control lists (ACLs). Learn how a jump box limits direct cloud virtual machine access. Capture traffic in a Microsoft Azure cloud computing environment, and deploy a Microsoft Azure Firewall. Look at security in virtualized environments, including infrastructure and data threats and platform-specific security responsibilities. Examine the security-based lifecycle of cloud-hosted assets and business continuity and disaster recovery concepts such as RTO and RPO and cloud functional security. Finally, learners view methodologies for mapping cloud service requirements to service provider certification and product certifications.
17 videos |
1h 21m
Assessment
Badge
CCSP 2019: Data Security Technologies
Responsibility for managing data falls on the cloud customer. In this 7-video course, learners explore data storage, threats, and security mitigations to help ensure data protection. Examine security techniques such as hashing, data masking, data tokenization, and data loss prevention. This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Begin by looking at various technologies associated with data asset security and protection. Examine Amazon Web Services storage types including long-term, ephemeral, and raw-disk. Learn how to differentiate between data owner and data custodian, including risk profile, risk appetite, and responsibility. Look at potential threats associated with storage types including ISO/IEC 27040. Learn about encryption for Microsoft Azure virtual machine disks, and about key management, which involves creating an Azure Key Vault and key. Discover how to generate files hashes using Microsoft PowerShell. Look at data masking, or enabling Microsoft Azure SQL Database dynamic masking (obfuscation), and data tokenization technologies. Finally, learn about data loss prevention by configuring Microsoft Azure Information Protection.
12 videos |
36m
Assessment
Badge
CCSP 2019: Implementing Data Discovery & Classification
Proper data governance begins with labeling data and applying security controls based on those labels. Explore information rights management (IRM) and challenges associated with data discovery, as well as the roles played by PKI (public key infrastructure) security certificates and virtual private networks (VPNs) in the cloud. This 6-video course prepares learners for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Begin with IRM objectives such as data rights, provisioning, and access models. Examine data discovery approaches and techniques for structured and unstructured data, and challenges of data discovery in the cloud. Then examine data classification, enabled by using Microsoft Azure Information protection for sensitive data such as Protected Health Information (PHI) and Personally Identifiable Information (PII), and cardholder data. Recognize how PKI provides security for digital IT solutions; how to use PowerShell to create PKI certificates; and how to generate certificates in a Microsoft Azure Key Vault. Learn how VPNs are used for secure cloud resource access. Then configure a Microsoft Azure point-to-site VPN and a custom Microsoft Azure Key Vault key for storage account encryption.
12 videos |
42m
Assessment
Badge
CCSP 2019: Data Retention & Events
Discover how to meet regulatory compliance needs by planning and implementing data retention, deletion, and archiving policies. Explore how data events can be analyzed and used for troubleshooting problems. This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. The key concepts in this course include: how to configure Azure cloud storage data retention policies; how to enable Azure storage account soft deletion; how to configure Azure storage account blob archiving; and how to configure an Azure immutable blob storage access policy. You will also learn about the standards and best practices when using eDiscovery and its purpose to find information that is stored in a digital manner for use with legal proceedings; how to filter Azure resource management activity events; and how to create Azure log queries. Finally, learn how to use the various capabilities of security information and event management (SIEM) such as data aggregation, correlation, alerting, compliance, retention, and forensic analysis.
10 videos |
29m
Assessment
Badge
CCSP 2019: Cloud Infrastructure
General categories of IT services in cloud computing include compute, storage, and networking. Explore how these services address business requirements, along with how graphical user interface (GUI) and command line tools are used to manage cloud resources. This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. The key concepts in this course include: the physical aspect of a cloud platform and the related physical architecture; the networking and communication architecture of a cloud platform, including software-defined networking (SDN); how to deploy a Azure cloud virtual network; and how to understand the compute service as it applies to the cloud platform. In addition, learn how to deploy an Azure virtual machine (VM); to define storage and Storage as a Service (STaaS) within a cloud platform; and to deploy an Azure storage account. Finally, learn about cloud resources using the Azure portal; cloud resources using command line tools; and list requirements for logical design, including tenant partitioning and access control.
12 videos |
45m
Assessment
Badge
CCSP 2019: Data Center Security
Risk management ensures that realized threats have minimal impact on business operations. This 16-video course explores how security controls address security objectives, as well as the IT audit process, and how to configure high availability for cloud services. This course helps learners prepare for the Certified Cloud Security Professional exam. Key concepts covered include: risk as it applies to cloud services and underlying infrastructure, and risk analysis and management posture regarding cloud computing; integration of information security and risk management activities into a formal framework; threats and attack vectors associated with cloud services and infrastructure; and threat mitigation and attack handling techniques. Next, learn to generate an Azure storage account shared access signature, how to deploy an Azure network security group; and how to configure an Azure role-based access control (RBAC) to control virtual machine (VM) management. Finally, learn about certain auditing techniques and responsibilities and various types of audit reports. Learn how to conduct an Azure VM failover test; to deploy an Azure VM scale set; and to deploy an Azure load balancer.
16 videos |
1h
Assessment
Badge
CCSP 2019: Application Development & Security
Discover the importance of application security training and awareness and explore cloud development basics and common pitfalls and cloud vulnerabilities. This 16-video course helps in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Key concepts covered in this course include: how the software development lifecycle can incorporate security when developing cloud applications, including using GitHub; common data privacy standards, such as Secure Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and Payment Card Industry Data Security Standard (PCI DSS); and how Open Web Application Security Project (OWASP) applies to web application security. Next, learn how to configure an Azure Web Application Firewall; to deploy an Azure web app; and to configure Hypertext Transfer Protocol Secure (HTTPS) for an Azure web app custom DNS domain name. Examine different application programming interface (API) formats such as representational state transfer (REST) and simple object access protocol (SOAP); and deployment of an Azure function app. Finally, examine application testing and methodologies and learn how to apply threat modeling to reduce the impact of cloud threats.
16 videos |
1h 10m
Assessment
Badge
CCSP 2019: Identity & Access Management
Explore how to design appropriate Identity and Access Management (IAM) solutions using federated identity, identity providers, single sign-on (SSO), multifactor authentication (MFA), and cloud access security broker (CASB). This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. The key concepts covered in this course include: how to configure IAM identifying and authorizing entities to use resources, in this case in the cloud; how to deploy a new Azure Active Directory (AD) tenant; how to create an Azure AD users and groups; how to create Amazon Web Services (AWS) users and groups; how to define single sign-on/off and its place within the cloud service security framework; how to synchronize on-premises AD with Azure AD using AD Connect; how to attach policies to AWS users and groups; how MFA enhances sign-in security; how to enable MFA for Azure AD users; and how to perform a cloud user MFA sign-in.
12 videos |
34m
Assessment
Badge
CCSP 2019: Managing & Securing Cloud Infrastructure
Fundamental to cloud service security are the construction and design of secure data centers and their hosted hardware and systems. Explore how to implement, operate, and manage physical and logical cloud infrastructure. This 16-video course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Key concepts covered in this course include: how to recognize security configuration requirements such as basic input/output system (BIOS), settings for Trusted Platform Module (TPM), keyboard, video, and mouse (KVM) switches, hardware security module (HSM), storage and network controllers; techniques to secure network configuration and network support tools including virtual local area network (VLAN), Transport Layer Security (TLS), Dynamic Host Configuration Protocol (DHCP) and Authorized DHCP, Domain Name System (DNS), and Internet Protocol Security (IPsec); the deployment of network security-related controls, including firewalls, intrusion detection system (IDS), intrusion prevention system (IPS), honeypot deployment, and vulnerability assessment/threat mitigation; connect to a Azure Linux virtual machine (VM) using Secure Shell (SSH); and how to enable Azure VM metric alerts, on-premises file server cloud backup, and VM cloud backups.
16 videos |
56m
Assessment
Badge
CCSP 2019: Operational Controls & Standards
Compliance with regulations and controls is one of the most crucial components of operation controls and standards. Explore management components used to ensure proper documentation, auditing, and accountability procedures in this 12-video course, which helps prepare for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Key concepts covered in this course include: compliance by using change management and the importance of continuity management. Change management is all about controlling the risk related to making changes to minimize disruptions. Continuity management is where we need to identify assets and processes. Learn the components of a good information security management plan; how to track and maintain detailed information about IT components within an organization; and view service level agreements (SLAs) for cloud services. Next, learn about digital forensic strategies that apply to cloud computing including the scope of the analysis; the hardware and software used for digital forensics; the chain of custody for evidence collection and non-repudiation; and how to view security listings in the Azure Security Center.
12 videos |
40m
Assessment
Badge
SHOW MORE
FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THESE COURSES
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.BOOKS INCLUDED
Book
The Cloud Security Ecosystem: Technical, Legal, Business and Management IssuesPresenting the most current and leading-edge research on cloud security from a multi-disciplinary standpoint, this book examines the relationships between differing disciplines and discusses implementation and legal challenges in planning, executing, and using cloud security.
10h 48m
By Kim-Kwang Raymond Choo, Ryan Ko
Book
Security Designs for the Cloud, IoT, and Social NetworkingProviding cutting-edge research, this book delivers insights into the tools, opportunities, novel strategies, techniques, and challenges for handling security issues in cloud computing, Internet of Things and social networking.
5h 27m
By Chintan Bhatt, Dac-Nhuong Le, Mani Madhukar
Book
Security, Privacy, and Digital Forensics in the CloudWritten by some of the top experts in the field, this unique book specifically discusses security and privacy of the cloud, as well as the digital forensics of cloud data, applications, and services.
8h 23m
By Hassan Takabi, Lei Chen, Nhien-An Le-Khac (eds)
BOOKS INCLUDED
Book
Data Protection and the Cloud: Are You Really Managing the Risks?, Second EditionWith a view to helping managers ask the right questions, this book explains how you can effectively manage the risks associated with the Cloud and meet regulatory requirements.
41m
By Paul Ticher
Book
Security for Cloud Storage SystemsProviding an investigation of the security issues in the cloud storage systems, this practical resource introduces secure solutions to ensure data owners the safety and security of the data stored in the cloud.
1h 40m
By Kan Yang, Xiaohua Jia
Book
Cloud Management and SecurityWritten by an expert with over 15 years' experience in the field, this detailed and illustrative book establishes the foundations of Cloud computing, building an in-depth and diverse understanding of the technologies behind Cloud computing.
4h 27m
By Imad M. Abbadi
Book
Cloud Storage Security: A Practical GuideIntroducing and discussing the risks associated with cloud-based data storage from a security and privacy perspective, this book provides a checklist that enables the user, as well as the enterprise practitioner to evaluate what security and privacy issues need to be considered when using the cloud to store personal and sensitive information.
2h 23m
By Aaron Wheeler, Michael Winburn
Book
Security Considerations for Cloud ComputingOutlining the risk factors to consider for each cloud computing service and deployment model, this focused guide presents practical guidance to facilitate the decision process for IT and business professionals concerning the decision to move to the cloud.
44m
By ISACA
Book
Securing the Cloud: Cloud Computer Security Techniques and TacticsDetailing the benefits of moving to the cloud, this book offers a clear and concise framework to secure your business' assets while making the most of this new technology.
6h 23m
By Vic (J.R.) Winkler
Book
Security Designs for the Cloud, IoT, and Social NetworkingProviding cutting-edge research, this book delivers insights into the tools, opportunities, novel strategies, techniques, and challenges for handling security issues in cloud computing, Internet of Things and social networking.
5h 27m
By Chintan Bhatt, Dac-Nhuong Le, Mani Madhukar
SHOW MORE
FREE ACCESS
BOOKS INCLUDED
Book
Data Protection and the Cloud: Are You Really Managing the Risks?, Second EditionWith a view to helping managers ask the right questions, this book explains how you can effectively manage the risks associated with the Cloud and meet regulatory requirements.
41m
By Paul Ticher
Book
The Official (ISC)2 Guide to the CCSP CBK, Second EditionContaining step-by-step guidance through real-life scenarios, illustrated examples, tables, best practices, and more, this book offers a global, thorough perspective of each of CCSP's domains, including best practices and techniques used by the world's most experienced practitioners.
9h 24m
By Adam Gordon
Book
Secure Cloud ComputingPresenting a range of cloud computing security challenges and promising solution paths, this book will fill an important need in the rapidly emerging field of cloud computing security.
7h 32m
By Sushil Jajodia (ed), et al.
Book
Privacy and Security for Cloud ComputingFeaturing contributions from leading experts, this book analyzes the latest advances in privacy, security and risk technologies within cloud environments while presenting both a solid overview of the field and novel, cutting-edge research.
6h 41m
By George Yee (eds), Siani Pearson
Book
Securing the Cloud: Cloud Computer Security Techniques and TacticsDetailing the benefits of moving to the cloud, this book offers a clear and concise framework to secure your business' assets while making the most of this new technology.
6h 23m
By Vic (J.R.) Winkler
Book
Security for Cloud Storage SystemsProviding an investigation of the security issues in the cloud storage systems, this practical resource introduces secure solutions to ensure data owners the safety and security of the data stored in the cloud.
1h 40m
By Kan Yang, Xiaohua Jia
Book
Cryptography for Security and Privacy in Cloud ComputingRepresenting a compilation of various recent cryptographic primitives, this resource offers an overview of the possibilities of cryptography for protecting data and identity information, much beyond well-known cryptographic primitives such as encryption or digital signatures.
4h 49m
By Daniel Slamanig, Stefan Rass
SHOW MORE
FREE ACCESS
SKILL BENCHMARKS INCLUDED
Certified Cloud Security Professional (CCSP) Awareness (Entry Level)
The Certified Cloud Security Professional (CCSP) Awareness benchmark measures your exposure to basic cloud security practices and theories, mainly at the vocabulary level. A learner who scores high on this benchmark demonstrates that they have awareness in some areas of cloud security.
16m
| 16 questions
Certified Cloud Security Professional (CCSP) Competency (Intermediate Level)
The Certified Cloud Security Professional (CCSP) Competency benchmark measures your working experience with cloud security practices and theories. A learner who scores high on this benchmark demonstrates they have genuine working knowledge in the major areas of cloud security and can actively participate in discussions with peers. They can also work competently under the supervision of more advanced cloud security practitioners.
18m
| 18 questions
Certified Cloud Security Professional (CCSP) Literacy (Beginner Level)
The Certified Cloud Security Professional (CCSP) Literacy benchmark measures your exposure to basic cloud security practices and theories. A learner who scores high on this benchmark demonstrates that they have a genuine understanding of the major areas of cloud security and can actively participate in discussions with peers.
18m
| 18 questions
Certified Cloud Security Professional (CCSP) Proficiency (Advanced Level)
The Certified Cloud Security Professional (CCSP) Proficiency benchmark measures if your experience with cloud security practices and theories is extensive. A learner who scores high on this benchmark demonstrates that they have genuine working knowledge in the major areas of cloud security and can actively participate in discussions with peers. They can also work independently and mostly without supervision.
30m
| 30 questions
SHOW MORE
FREE ACCESS
SKILL BENCHMARKS INCLUDED
Certified Cloud Security Professional (CCSP): Cloud Concepts, Architecture, and Design Competency (Intermediate Level)
The Cloud Concepts, Architecture, and Design Competency (Intermediate Level) benchmark measures your knowledge of secure cloud computing concepts, architecture, and design principles. You will be evaluated on your recognition of service and deployment models, cloud reference architecture, security principles and requirements, cloud security models, and design principles. A learner who scores high on this benchmark demonstrates competency in many areas of the cloud computing conceptual discipline and has had some working exposure to CCSP cloud concepts, architecture, and design principles and practices for secure cloud computing.
30m
| 30 questions
Certified Cloud Security Professional (CCSP): Cloud Data, Platform, and Infrastructure Security Competency (Intermediate Level)
The Cloud Data, Platform, and Infrastructure Security Competency (Intermediate Level) benchmark measures your knowledge of securing cloud platforms, infrastructure, and cloud data. You will be evaluated on your skills in data classification, retention, encryption, leakage and loss prevention, storage security, and backup and recovery. A learner who scores high on this benchmark demonstrates competency in many security areas concerning cloud platforms, infrastructure, and cloud data. They have some practical experience with CCSP topics, including securing cloud data, virtual and physical components, network design, application development and deployment, vulnerability and identity and access management, and incident response and recovery principles and procedures.
15m
| 15 questions
Certified Cloud Security Professional (CCSP): Cloud Application Security Competency (Intermediate Level)
The Cloud Application Security Competency (Intermediate Level) benchmark measures your knowledge of software and application security. You will be evaluated on your skills in securing Software as a Service (SaaS) applications, securing software development and testing, implementing application security controls, and securing application deployment and maintenance. A learner who scores high on this benchmark demonstrates competency in many areas of the software and application security discipline and has had some working exposure to CCSP cloud application security principles and practices.
15m
| 15 questions
Certified Cloud Security Professional (CCSP): Cloud Security Operations Competency (Intermediate Level)
The Cloud Security Operations Competency (Intermediate Level) benchmark measures your knowledge of cloud security operations. You will be evaluated on your skills in security monitoring and analysis, security operations management, incident management and response, disaster recovery and business continuity planning, and network and infrastructure security. A learner who scores high on this benchmark demonstrates competency in many areas of operations related to cloud security discipline and has had some working exposure to CCSP cloud application security principles and practices.
25m
| 25 questions
Certified Cloud Security Professional (CCSP): Legal, Risk, and Compliance Competency (Intermediate Level)
The Legal, Risk, and Compliance Competency (Intermediate Level) benchmark measures your knowledge of legal, risk, and compliance cloud computing concepts. You will be evaluated on your recognition of relevant laws and regulations, risk assessments and management, compliance frameworks and standards, auditing and assessments, and privacy and data protection. A learner who scores high on this benchmark demonstrates competency in many areas of the legal, risk, and compliance discipline and has had some working exposure to the CCSP legal, risk, and compliance aspects of cloud computing.
30m
| 30 questions
SHOW MORE
FREE ACCESS