Center for Qualified CyberSecurity Excellence & Mastery

Get Q/ualified!

As organizations migrate to the cloud, they need information security professionals who are cloud-savvy. The CCSK certificate is widely recognized as the standard of expertise for cloud security and gives you a cohesive and vendor-neutral understanding of how to secure data in the cloud. The CCSK credential is the foundation to prepare you to earn additional cloud credentials specific to certain vendors or job functions.

This class provides the foundational knowledge needed to utilize cloud services and enables you to gain critical insights into topics such as data security, key management, and identity and access management and speak with confidence about cloud security concerns.

Class Fee:$3,990
Time:72 hrs
Learning Level:Entry
Contact Hours: 41hr Lecture 31 hr labs
Prerequisites:Understanding of TCP/IP Protocols
Credits:72 CPE / 3 CEU
Method of Delivery:Residential (face-to-face) or Hybrid
Instructor:TBD 
Method of Evaluation:95 % attendance     2. 100 % completion of Lab
Grading:Pass = Attendance+ labs & quizzes Fail  > 95% Attendance
Text Materials:labs, SU Pen Testing Materials, resource CD’s and attack handouts

 

This 72 hour accelerated class is taught using face to face modality or hybrid modality. Class includes 72 hours of contact studies, labs, reading assignments and final exam - passing the final exam is a requirement for graduation.
Machines a Dual Core 16M Ram, 1TGig drives, running MS OS, linux, and VMWare Workstation.

Who Is This Program For?
Cloud Computing Analyst, Cloud Administrator, Cloud Architect, Cloud Engineer, Enterprise Architect, Security Administrators, Security Architect and Systems Engineer are cloud security job roles.

What you will learn:
Introduction to Information Security within Cloud Computing
Selecting secure cloud services begins with understanding business requirements. This course will teach you to identify and select secure cloud services based upon business requirements.

The Certificate of Cloud Security Knowledge, enables you to gain critical insights into topics such as data security, key management, and identity and access management. You’ll have the skills and knowledge of Managing Cloud Security and Risk needed to reduce risks to an acceptable degree to the business.With an expanding array of cloud services being offered daily it is easy for the inexperienced to lack awareness of security functions in cloud offerings. In this course, Introduction to Information Security within Cloud Computing, you’ll learn to identify and select secure cloud services based upon business requirements. First, you’ll explore the detailed definition of cloud computing. Next, you’ll discover the deployment and service models of cloud computing. Finally, you’ll learn how to use a matrix to review the controls enacted by a cloud provider. When you’re finished with this course, you’ll have the skills and knowledge of, Introduction to Information Security within Cloud Computing needed to select secure cloud services that meet business requirements.

 

CLICK TO ROLL DOWN OUR CLASS SYLLABUS »

 

Summary

Earning the CCSK will provide you with the knowledge to effectively develop a holistic cloud security program relative to globally accepted standards. It covers key areas, including best practices for IAM, cloud incident response, application security, data encryption, SecaaS, securing emerging technologies, and more. If you want to learn more, you can the CCSK guide.

Advanced CCSK

36 hours of in-depth discussion of cloud platform technologies; giving you a look into how the services are built and managed, and the security implications. We will then quickly start building out a sandbox environment and deploying security controls.

Some of the topics and techniques covered will include (at a minimum):

Use of accounts for managing blast radius.
Building out advanced cloud virtual networks.
Leveraging inherent cloud capabilities for network security.
Use of DNS management, auto scale groups, load balancers, and other technologies for immutable infrastructure.
Advanced Identity and Access management for cloud, including setting up SAML federation across providers.
Privileged user management, MFA, and other access essentials.
Securing serverless, PaaS and mixed IaaS/PaaS architectures.

This next 36 hours focuses on designing secure architectures, integrate with evOps, and build your own SecDevOps toolkit for managing cloud security at scale:

Fundamentals of SecDevOps.
Building secure deployment pipelines.
Integrating automated security testing into deployment pipelines.
Cloud security architectural patterns for major application types.
Cloud data security and encryption.
Automating continuous security monitoring and alerting using cloud native capabilities.
Security automation through the console.
Security automation through code.
Scaling your security operations to hundreds (or thousands) of accounts through automation.

Students should have basic familiarity with at least one public cloud provider (Amazon or Azure) and hands-on experience launching and managing basic instances/services. They should also be comfortable with the command line and basic scripting. Additionally we highly encourage students to understand basic Ruby programming for the coding portions. Code snippets will be provided, so students with experience in other languages should be able to keep up. This is a very broad, advanced training that requires a diverse skills set to complete all the labs. Students may fall behind in certain sections due to the rapid pace but the labs can all be completed outside of the training environment if needed. Only about 10% of those who take the class have the background to complete every hands-on portion but we ensure through lecture that everyone gains the needed knowledge.