(ISC)2 Certified Cloud Security Professional (CCSP)

(CCSP.AE2)/ISBN:978-1-64459-407-0

This course includes
Lessons
TestPrep
Hand-on Lab
AI Tutor (Add-on)

Lessons

11+ Lessons | 652+ Exercises | 200+ Quizzes | 364+ Flashcards | 251+ Glossary of terms

TestPrep

150+ Pre Assessment Questions | 2+ Full Length Tests | 150+ Post Assessment Questions | 300+ Practice Test Questions

Hand on lab

25+ LiveLab | 25+ Video tutorials | 57+ Minutes

Here's what you will learn

Download Course Outline

Lessons 1: Introduction

  • CCSP Certification
  • Taking the CCSP Exam
  • Computer-Based Testing Environment
  • Exam Retake Policy
  • Work Experience Requirement
  • Recertification Requirements
  • What Does This Course Cover?
  • CCSP Exam Objectives
  • CCSP Certification Exam Objective Map

Lessons 2: Architectural Concepts

  • Cloud Characteristics
  • Business Requirements
  • Cloud Computing Service Categories
  • Cloud Deployment Models
  • Multitenancy
  • Cloud Computing Roles and Responsibilities
  • Cloud Computing Reference Architecture
  • Virtualization
  • Cloud Shared Considerations
  • Emerging Technologies
  • Summary
  • Exam Essentials

Lessons 3: Data Classification

  • Data Inventory and Discovery
  • Information Rights Management
  • Data Control
  • Summary
  • Exam Essentials

Lessons 4: Cloud Data Security

  • Cloud Data Lifecycle
  • Cloud Storage Architectures
  • Threats to Cloud Storage
  • Designing and Applying Security Strategies for Storage
  • Summary
  • Exam Essentials

Lessons 5: Security in the Cloud

  • Shared Cloud Platform Risks and Responsibilities
  • Cloud Computing Risks by Deployment Model
  • Cloud Computing Risks by Service Model
  • Virtualization
  • Disaster Recovery (DR) and Business Continuity (BC)
  • Cloud Design Patterns
  • Summary
  • Exam Essentials

Lessons 6: Cloud Platform, Infrastructure, and Operational Security

  • Foundations of Managed Services
  • Shared Responsibilities by Service Type
  • Securing Communications and Infrastructure
  • Securing Hardware and Compute
  • Securing Software
  • Managing Virtual Systems
  • Assessing Vulnerabilities
  • Securing the Management Plane
  • Auditing Your Environment and Provider
  • Summary
  • Exam Essentials

Lessons 7: Cloud Application Security

  • Developing Software for the Cloud
  • Cloud Application Architecture
  • Cloud-Secure Software Development Lifecycle (SDLC)
  • Cloud Application Assurance and Validation
  • Identity and Access Management
  • Summary
  • Exam Essentials

Lessons 8: Operations Elements

  • Designing a Secure Data Center
  • Managing Security Operations
  • Summary
  • Exam Essentials

Lessons 9: Operations Management

  • Monitoring, Capacity, and Maintenance
  • Change and Configuration Management
  • Problem and Incident Management
  • IT Service Management and Continual Service Improvement
  • Business Continuity and Disaster Recovery
  • Summary
  • Exam Essentials

Lessons 10: Legal and Compliance Issues

  • Legal Requirements and Unique Risks in the Cloud Environment
  • Analyzing a Law
  • Legal Liability
  • Torts and Negligence
  • U.S. Privacy and Security Laws
  • International Laws
  • Laws, Regulations, and Standards
  • Information Security Management Systems
  • Privacy in the Cloud
  • Cloud Forensics
  • Audit Processes, Methodologies, and Cloud Adaptations
  • Summary
  • Exam Essentials

Lessons 11: Cloud Vendor Management

  • The Impact of Diverse Geographical Locations and Legal Jurisdictions
  • Security Policy Framework
  • Enterprise Risk Management
  • Risk Treatment and Response
  • Risk Analysis
  • Cloud Contract Design
  • Government Cloud Standards
  • Manage Communication with Relevant Parties
  • Summary
  • Exam Essentials

Hands-on LAB Activities

Architectural Concepts

  • Creating a Virtual Machine

Data Classification

  • Displaying Metadata Information
  • Capturing Network Traffic

Cloud Data Security

  • Taking an Incremental Backup
  • Taking a Full Backup
  • Creating an Amazon S3 Glacier Vault
  • Observing an MD5-Generated Hash Value
  • Observing an SHA256-Generated Hash Value
  • Creating a CloudWatch Dashboard and Adding a Metric to it

Security in the Cloud

  • Performing a MITM Attack
  • Using Social Engineering Techniques to Plan an Attack

Cloud Platform, Infrastructure, and Operational Security

  • Configuring a Firewall for Inbound Rules
  • Setting up a Honeypot on Kali Linux
  • Enabling an Access Control List
  • Creating a VPC
  • Creating a Network ACL
  • Configuring Outbound Rules for a Firewall
  • Creating an Elastic Load Balancer
  • Creating a NAT Gateway

Cloud Application Security

  • Configuring a Proxy Server
  • Conducting IP Spoofing
  • Conducting Cross-site Request Forgery (CSRF or XSRF) Attacks
  • Attacking a Website Using Cross-Site Scripting (XSS) Injection

Legal and Compliance Issues

  • Completing the Chain of Custody

Cloud Vendor Management

  • Simulating the DDoS Attack