Certificate in Cloud Security Knowledge(CCSK+)
From £1,927 + VAT was £2,320
Book online today or, if you need help choosing the right course or would like to discuss business discounts, call us on 0113 220 7150.
Overview
Covering all 12 domains of critical cloud security knowledge, this CCSK+ v5 course covers the core concepts, best practices, and recommendations for securing an organization on the cloud regardless of the provider or platform, with hands-on labs.
Learn and practice applying the knowledge from all 12 domains of the Cloud Security Alliance (CSA) Security Guidance v5.
What's included
- Official CCSK+ course materials
- Official CCSK+ course labs
- Official CCSK+ exam voucher & practice questions
- Certified CCSK+ instructor
Prerequisites
There are no prerequisites for this course.
Outline
Domain 1: Cloud Computing Concepts & Architectures
Describes and defines cloud computing, sets baseline terminology, and details the overall controls, deployment, and architectural models.
Learning Objectives
- Defining Cloud Computing
- Abstraction & Orchestration
- Cloud Computing Models
- Essential Characteristics
- Cloud Service Models
- Infrastructure as a Service (IaaS)
- Platform as a Service (PaaS)
- Software as a Service (SaaS)
- Cloud Deployment Models
- CSA Enterprise Architecture Model
- Cloud Security Scope, Responsibilities, & Models
- Shared Security Responsibility Model
Domain 2: Cloud Governance
Focuses on cloud governance with an emphasis on the role of security and how enterprise governance helps align the strategic, tactical, and operational capabilities of information and technology with the business objectives.
Learning Objectives
- Cloud Governance
- The Governance Hierarchy
- Cloud Security Frameworks
- Policies
Domain 3: Risk, Audit, & Compliance
Focuses on cloud security, risk, audit, and compliance, including evaluating cloud service providers and establishing cloud risk registries.
Learning Objectives
- Cloud Risk Management
- Cloud Risks
- Understanding Cloud Risk Management
- Assessing Cloud Services
- The Cloud Register
- Compliance & Audit
- Jurisdictions
- Cloud-Relevant Laws & Regulations Examples
- Compliance Inheritance
- Artifacts of Compliance
- Governance, Risk, Compliance Tools & Technologies
Domain 4: Organization Management
Focuses on managing your entire cloud footprint, including securing and validating service provider deployments.
Learning Objectives
- Organization Hierarchy Models
- Definitions
- Organization Capabilities Within a Cloud Service Provider
- Building a Hierarchy Within a Provider
- Managing Organization-Level Security Within a Provider
- Identity Provider & User/Group/Role Mappings
- Common Organization Shared Services
- Considerations for Hybrid & Multi-Cloud Deployments
- Organization Management for Hybrid Cloud Security
- Organization Management for Multi-Cloud Security
- Organization Management for SaaS Hybrid & Multi-Cloud
Domain 5: Identity & Access Management
Focuses primarily on IAM between an organization and cloud providers or between cloud providers and services.
Learning Objectives
- Fundamental Terms
- Federation
- Common Federation Standards
- How Federated Identity Management Works
- Managing Users & Identities for Cloud Computing
- Strong Authentication & Authorization
- Authentication & Credentials
- Entitlement & Access Management
- Privileged User Management
Domain 6: Security Monitoring
Presents unique security monitoring challenges and solutions for cloud environments, emphasizing the distinct aspects of cloud telemetry, management plane logs, service and resource logs, and the integration of advanced monitoring tools.
Learning Objectives
- Cloud Monitoring
- Logs & Events
- Beyond Logs - Posture Management
- Cloud Telemetry Sources
- Management Plane Logs
- Service & Application Logs
- Resource Logs
- Cloud Native Tools
- Collection Architectures
- Log Storage & Retention
- Cascading Log Architecture
- AI for Security Monitoring
Domain 7: Infrastructure & Networking
Focuses on managing the overall infrastructure footprint and network security, including the CSP's infrastructure security responsibilities.
Learning Objectives
- Cloud Infrastructure Security
- Foundational Infrastructure Security Techniques
- CSP Infrastructure Security Responsibilities
- Infrastructure Resilience
- Cloud Network Fundamentals
- Cloud Networks are Software-Defined Networks
- Cloud Connectivity
- Cloud Network Security & Secure Architectures
- Preventative Security Measures
- Detective Security Measures
- Infrastructure as Code (IaC)
- Zero Trust for Cloud Infrastructure & Networks
- Software-Defined Perimeter & ZT Network Access
- Secure Access Service Edge (SASE)
Domain 8: Cloud Workload Security
Focuses on the related set of software and data units that are deployable on some type of infrastructure or platform.
Learning Objectives
- Introduction to Cloud Workload Security
- Types of Cloud Workloads
- Impact on Workload Security Controls
- Securing Virtual Machines
- Virtual Machine Challenges & Mitigations
- Creating Secure VM Images with Factories
- Snapshots & Public Exposures/Exfiltration
- Securing Containers
- Container Image Creation
- Container Networking
- Container Orchestration & Management Systems
- Container Orchestration Security
- Runtime Protection for Containers
- Securing Serverless and Function as a Service
- FaaS Security Issues
- IAM for Serverless
- Environment Variables & Secrets
- Securing AI Workloads
- AI-System Threats
- AI Risk Mitigation and Shared Responsibilities
Domain 9: Data Security
Addresses the complexities of data security in the cloud, covering essential strategies, tools, and practices for protecting data in transit and at rest.
Learning Objectives
- Primer on Cloud Storage
- Volume/Block Storage
- Object Storage
- Database Storage
- Other Types of Storage
- Data Security Tools and Techniques
- Data Classification
- Identity and Access Management
- Access Policies
- Encryption and Key Management
- Data Loss Prevention
- Cloud Data Encryption at Rest
- Cloud Data Key Management Strategies
- Data Encryption Recommendations
- Data Security Posture Management
- Object Storage Security
- Data Security for Artificial Intelligence
- AI as a Service
Domain 10: Application Security
Focuses on the unique challenges and opportunities presented by application security in the cloud environment from the initial design phase to ongoing maintenance.
Learning Objectives
- Secure Development Lifecycle
- SDLC Stages
- Threat Modeling
- Testing: Pre-Deployment
- Testing: Post Deployment
- Architecture’s Role in Secure Cloud Applications
- Cloud Impacts on Architecture-Level Security
- Architectural Resilience
- Identity & Access Management and Application Security
- Secrets Management
- Dev Ops & DevSecOps
Domain 11: Incident Response & Resilience
Focuses on identifying and explaining best practices for cloud incident response and resilience that security professionals may reference when developing their own incident plans and processes.
Learning Objectives
- Incident Response
- Incident Response Lifecycle
- Preparation
- Incident Response Preparation & Cloud Service Providers
- Training for Cloud Incident Responders
- Detection & Analysis
- Cloud Impact on Incident Response Analysis
- Cloud System Forensics
- Containment, Eradication, & Recovery
- Containment
- Eradication
- Recovery
- Post Incident Analysis
Domain 12: Related Technologies & Strategies
Introduces the foundational concepts and focuses on developing a strategic cybersecurity approach to Zero Trust and Artificial Intelligence.
Learning Objectives
- Zero Trust
- Technical Objectives of Zero Trust
- Zero Trust Pillars & Maturity Model
- Zero Trust & Cloud Security
- Artificial Intelligence
- Characteristics of AI Workloads
- Next Steps
Lab Material Outline
- Core Account Security
Learn what to configure in the first 5 minutes of opening a new cloud account and enable security controls such as MFA, basic monitoring, and IAM.
- IAM & Monitoring In-Depth
Expand on your work in the first lab and implement more-complex identity management and monitoring. This includes expanding IAM with Attribute Based Access Controls, implementing security alerting, and understanding how to structure enterprise-scale IAM and monitoring.
- Network & Instance Security
Create a virtual network (VPC) and implement a baseline security configuration. You will also learn how to securely select and launch a virtual machine (instance), run a vulnerability assessment in the cloud, and connect to the instance.
- Encryption & Storage Security
Expand your deployment by adding a storage volume encrypted with a customer managed key. You will also learn how to secure snapshots and other data.
- Application Security & Federation
Finish the technical labs by completely building out a 2-tier application and implementing federated identity using OpenID.
- Risk & Provider Assessment
Practice using the CSA Cloud Controls Matrix and STAR registry to evaluate risk and select a cloud provider.
QA is proud to be an official Cloud Security Alliance training provider
Download the CCSK v5 FAQ
Cyber Security learning paths
Want to boost your career in cyber security? Click on the roles below to see QA's learning pathways, specially designed to give you the skills to succeed.
Cyber Security for Cloud learning paths
Cloud Security learning paths
Want to boost your career in Cloud Security? View QA's learning pathway below, specially designed to give you the skills to succeed.
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.
Let's talk
A member of the team will contact you within 4 working hours after submitting the form.