Certified Cloud Security Professional (CCSP)

COURSES INCLUDED

CCSP 2019: CLOUD SYSTEM ARCHITECTURE DESIGN
Cloud services vary in size and complexity, and deployed architecture carries a direct impact on service and data asset security. In this 15-video course, learners explore aspects of cloud computing architectural design, along with associated cloud systems and components. Begin by looking at cloud component definitions and various cloud system participants: consumers, providers, partners, auditors, and regulators. Next, view operational characteristics of cloud computing: on-demand, self-service, broad network access, multi-tenancy, rapid elasticity and scalability, resource pooling, and measured service. Look at supporting architectural components and infrastructure of cloud computing such as virtualization and storage. Examine details of Cloud Computing Activities with reference to ISO/IEC 17789, clause 9. Learn how cloud service categories are based on supported services and capabilities such as application, platform, and infrastructure capability types, and examine cloud deployment categories and models. Learn about the responsibility of cloud services between customers and providers. Explore the impact of technologies such as machine learning, and examine business requirements and contracts and aspects of vendor and contract management. A final exercise covers supply chain management. This course will help a learner prepare for the (ISC)2 Certified Cloud Security Professional (CCSP) exam.
14 videos | 54m Assessment

CCSP 2019: SECURE CLOUD COMPUTING
Explore security solutions related to securing cloud-based IT systems and data including jump boxes and firewalls in this 13-video course. Discover how disaster recovery concepts such as RTO (recovery time objective) and RPO (recovery point objective) apply to the cloud. This course prepares learners for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Examine Internal Information Security Management and Security Control Systems, cryptography, and encryption of cloud-hosted assets. Learn about access control for cloud-hosted assets, asset removal, and storage media sanitization. Explore cloud network security issues and solutions such as firewall access control lists (ACLs). Learn how a jump box limits direct cloud virtual machine access. Capture traffic in a Microsoft Azure cloud computing environment, and deploy a Microsoft Azure Firewall. Look at security in virtualized environments, including infrastructure and data threats and platform-specific security responsibilities. Examine the security-based lifecycle of cloud-hosted assets and business continuity and disaster recovery concepts such as RTO and RPO and cloud functional security. Finally, learners view methodologies for mapping cloud service requirements to service provider certification and product certifications.
17 videos | 1h 21m Assessment

CCSP 2019: DATA SECURITY TECHNOLOGIES
Responsibility for managing data falls on the cloud customer. In this 7-video course, learners explore data storage, threats, and security mitigations to help ensure data protection. Examine security techniques such as hashing, data masking, data tokenization, and data loss prevention. This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Begin by looking at various technologies associated with data asset security and protection. Examine Amazon Web Services storage types including long-term, ephemeral, and raw-disk. Learn how to differentiate between data owner and data custodian, including risk profile, risk appetite, and responsibility. Look at potential threats associated with storage types including ISO/IEC 27040. Learn about encryption for Microsoft Azure virtual machine disks, and about key management, which involves creating an Azure Key Vault and key. Discover how to generate files hashes using Microsoft PowerShell. Look at data masking, or enabling Microsoft Azure SQL Database dynamic masking (obfuscation), and data tokenization technologies. Finally, learn about data loss prevention by configuring Microsoft Azure Information Protection.
12 videos | 36m Assessment

CCSP 2019: IMPLEMENTING DATA DISCOVERY & CLASSIFICATION
Proper data governance begins with labeling data and applying security controls based on those labels. Explore information rights management (IRM) and challenges associated with data discovery, as well as the roles played by PKI (public key infrastructure) security certificates and virtual private networks (VPNs) in the cloud. This 6-video course prepares learners for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Begin with IRM objectives such as data rights, provisioning, and access models. Examine data discovery approaches and techniques for structured and unstructured data, and challenges of data discovery in the cloud. Then examine data classification, enabled by using Microsoft Azure Information protection for sensitive data such as Protected Health Information (PHI) and Personally Identifiable Information (PII), and cardholder data. Recognize how PKI provides security for digital IT solutions; how to use PowerShell to create PKI certificates; and how to generate certificates in a Microsoft Azure Key Vault. Learn how VPNs are used for secure cloud resource access. Then configure a Microsoft Azure point-to-site VPN and a custom Microsoft Azure Key Vault key for storage account encryption.
12 videos | 43m Assessment

CCSP 2019: DATA RETENTION & EVENTS
Discover how to meet regulatory compliance needs by planning and implementing data retention, deletion, and archiving policies. Explore how data events can be analyzed and used for troubleshooting problems. This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. The key concepts in this course include: how to configure Azure cloud storage data retention policies; how to enable Azure storage account soft deletion; how to configure Azure storage account blob archiving; and how to configure an Azure immutable blob storage access policy. You will also learn about the standards and best practices when using eDiscovery and its purpose to find information that is stored in a digital manner for use with legal proceedings; how to filter Azure resource management activity events; and how to create Azure log queries. Finally, learn how to use the various capabilities of security information and event management (SIEM) such as data aggregation, correlation, alerting, compliance, retention, and forensic analysis.
10 videos | 29m Assessment

CCSP 2019: CLOUD INFRASTRUCTURE
General categories of IT services in cloud computing include compute, storage, and networking. Explore how these services address business requirements, along with how graphical user interface (GUI) and command line tools are used to manage cloud resources. This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. The key concepts in this course include: the physical aspect of a cloud platform and the related physical architecture; the networking and communication architecture of a cloud platform, including software-defined networking (SDN); how to deploy a Azure cloud virtual network; and how to understand the compute service as it applies to the cloud platform. In addition, learn how to deploy an Azure virtual machine (VM); to define storage and Storage as a Service (STaaS) within a cloud platform; and to deploy an Azure storage account. Finally, learn about cloud resources using the Azure portal; cloud resources using command line tools; and list requirements for logical design, including tenant partitioning and access control.
12 videos | 46m Assessment

CCSP 2019: DATA CENTER SECURITY
Risk management ensures that realized threats have minimal impact on business operations. This 16-video course explores how security controls address security objectives, as well as the IT audit process, and how to configure high availability for cloud services. This course helps learners prepare for the Certified Cloud Security Professional exam. Key concepts covered include: risk as it applies to cloud services and underlying infrastructure, and risk analysis and management posture regarding cloud computing; integration of information security and risk management activities into a formal framework; threats and attack vectors associated with cloud services and infrastructure; and threat mitigation and attack handling techniques. Next, learn to generate an Azure storage account shared access signature, how to deploy an Azure network security group; and how to configure an Azure role-based access control (RBAC) to control virtual machine (VM) management. Finally, learn about certain auditing techniques and responsibilities and various types of audit reports. Learn how to conduct an Azure VM failover test; to deploy an Azure VM scale set; and to deploy an Azure load balancer.
16 videos | 1h 1m Assessment

CCSP 2019: APPLICATION DEVELOPMENT & SECURITY
Discover the importance of application security training and awareness and explore cloud development basics and common pitfalls and cloud vulnerabilities. This 16-video course helps in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Key concepts covered in this course include: how the software development lifecycle can incorporate security when developing cloud applications, including using GitHub; common data privacy standards, such as Secure Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and Payment Card Industry Data Security Standard (PCI DSS); and how Open Web Application Security Project (OWASP) applies to web application security. Next, learn how to configure an Azure Web Application Firewall; to deploy an Azure web app; and to configure Hypertext Transfer Protocol Secure (HTTPS) for an Azure web app custom DNS domain name. Examine different application programming interface (API) formats such as representational state transfer (REST) and simple object access protocol (SOAP); and deployment of an Azure function app. Finally, examine application testing and methodologies and learn how to apply threat modeling to reduce the impact of cloud threats.
16 videos | 1h 11m Assessment

CCSP 2019: IDENTITY & ACCESS MANAGEMENT
Explore how to design appropriate Identity and Access Management (IAM) solutions using federated identity, identity providers, single sign-on (SSO), multifactor authentication (MFA), and cloud access security broker (CASB). This course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. The key concepts covered in this course include: how to configure IAM identifying and authorizing entities to use resources, in this case in the cloud; how to deploy a new Azure Active Directory (AD) tenant; how to create an Azure AD users and groups; how to create Amazon Web Services (AWS) users and groups; how to define single sign-on/off and its place within the cloud service security framework; how to synchronize on-premises AD with Azure AD using AD Connect; how to attach policies to AWS users and groups; how MFA enhances sign-in security; how to enable MFA for Azure AD users; and how to perform a cloud user MFA sign-in.
12 videos | 34m Assessment

CCSP 2019: MANAGING & SECURING CLOUD INFRASTRUCTURE
Fundamental to cloud service security are the construction and design of secure data centers and their hosted hardware and systems. Explore how to implement, operate, and manage physical and logical cloud infrastructure. This 16-video course can be used in preparation for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Key concepts covered in this course include: how to recognize security configuration requirements such as basic input/output system (BIOS), settings for Trusted Platform Module (TPM), keyboard, video, and mouse (KVM) switches, hardware security module (HSM), storage and network controllers; techniques to secure network configuration and network support tools including virtual local area network (VLAN), Transport Layer Security (TLS), Dynamic Host Configuration Protocol (DHCP) and Authorized DHCP, Domain Name System (DNS), and Internet Protocol Security (IPsec); the deployment of network security-related controls, including firewalls, intrusion detection system (IDS), intrusion prevention system (IPS), honeypot deployment, and vulnerability assessment/threat mitigation; connect to a Azure Linux virtual machine (VM) using Secure Shell (SSH); and how to enable Azure VM metric alerts, on-premises file server cloud backup, and VM cloud backups.
16 videos | 56m Assessment

CCSP 2019: OPERATIONAL CONTROLS & STANDARDS
Compliance with regulations and controls is one of the most crucial components of operation controls and standards. Explore management components used to ensure proper documentation, auditing, and accountability procedures in this 12-video course, which helps prepare for the (ISC)2 Certified Cloud Security Professional (CCSP) exam. Key concepts covered in this course include: compliance by using change management and the importance of continuity management. Change management is all about controlling the risk related to making changes to minimize disruptions. Continuity management is where we need to identify assets and processes. Learn the components of a good information security management plan; how to track and maintain detailed information about IT components within an organization; and view service level agreements (SLAs) for cloud services. Next, learn about digital forensic strategies that apply to cloud computing including the scope of the analysis; the hardware and software used for digital forensics; the chain of custody for evidence collection and non-repudiation; and how to view security listings in the Azure Security Center.
12 videos | 40m Assessment