Cloud Security Alliance’s CCSK+ (Certificate of Cloud Security Knowledge Plus) - Dublin
The CCSK Plus is designed to educate attendees about the security threats and best practices for securing the cloud. Students will learn to apply this knowledge as they perform a series of exercises such as completing a scenario bringing a fictional organisation securely into the cloud. The first day of the course is predominantly theory based with the remainder of the course focusing on assessing, building, and securing a cloud infrastructure through a series of hands-on/ practical exercises.
The CCSK Plus in strongly supported by a broad coalition of experts and organisations from around the world. Since its launch in 2010, the CCSK Plus has been adopted around the world and is the gold standard for demonstration of cloud security competency. The collaboration with ENISA means that the world’s two leading organisations for vendor neutral cloud security research are providing the foundation for the industry’s first cloud security certification.
This course provides a comprehensive review of cloud security fundamentals. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA).
The course contains expanded material and extensive hands-on activities where you will learn to apply your knowledge as you perform a series of exercises as you complete a scenario bringing a fictional organisation securely into the cloud. Upon successful completion of this course, you will be able to:
- Understand the Cloud Computing Architectural Framework
- Discover Cloud Computing security challenges
- Learn industry best practices and security controls recommendations for Cloud Computing
Cloud Computing Architectural Framework
- Cloud computing evolution
- Cloud vocabulary
- Essential characteristics of cloud computing
- Cloud deployment models
- Cloud service models
- Multi-Tenancy approaches to create a barrier between the Tenants
- Cloud computing threats
- Cloud Reference Model
- The Cloud Cube Model
- Security for cloud computing - How security gets integrated
Legal and Electronic Discovery Risk Management
- Legal and Electronic Discovery Risk Management Security recommendations
Information Lifecycle Management
- Key challenges regarding data lifecycle security Data Security recommendations by ILM Phase
Traditional Security, Business Continuity, and Disaster Recovery
- Risk of insider abuse
- Security baseline
- Customers actions
- Contract, Documentation, Recovery Time Objectives (RTOs)
- Customers responsibility
- Vendor Security Process (VSP)
Incident Response, Notification, and Remediation
- How to identify incidents
- How to respond to security incidents
- Security incident containment
- Security incident response recommendations
Encryption and Key Management
- Encryption for confidentiality and integrity
- Encrypting data at rest
- Key management lifecycle
- Cloud encryption standards
- Hardware Virtualisation
- Software Virtualisation
- Memory Virtualisation
- Storage Virtualisation
- Data Virtualisation
- Network Virtualisation
- Virtualisation Security recommendations
Governance and Enterprise Risk Management
- Information security governance processes
- Governance and enterprise risk management in cloud computing
- Governance recommendations
- Enterprise Risk Management recommendations
- Information Risk Management recommendations
- Third Party Management recommendations
Compliance and Audit
- Cloud customer responsibilities
- Audit Security Recommendations
Portability and Interoperability
- Changing providers reasons
- Changing providers expectations
- Recommendations all cloud solutions
- IaaS Cloud Solutions
- PaaS Cloud Solutions
- SaaS Cloud Solutions
Data Center Operations
- Data Center Operations
- Security challenge
- Implement “Five Principal Characteristics of Cloud Computing
- Data center security recommendations
- Web Application
- Application Weaknesses
- Attack Methods
- What is Web Application Security
- Application security layer
- Vulnerability distribution
- Why Web Application Risks Occur
- Security solutions
- Applications in cloud environments
- Security recommendations
Identity and Access Management
- Identity and Access Management in the cloud
- Identity and Access Management functions
- Identity and Access Management (IAM) Model
- Identity Federation
- Identity provisioning recommendations
- Authentication for SaaS and Paas customers
- Authentication for IaaS customers
- Introducing Identity Services
- Enterprise Architecture with IDaaS
- IDaaS security recommendations
he CCSK examination is a timed, multiple choice examination. The examination consists of 60 multiple choice questions, and must be completed within 90 minutes. A participant must correctly answer 80% of the questions to receive a passing score.
Studying for the CCSK Examination: The body of knowledge for the CCSK examination is the CSA Security Guidance for Critical Areas of Focus in Cloud Computing V3, English language version, and the ENISA report “Cloud Computing: Benefits, Risks and Recommendations for Information Security”. These research documents can be downloaded here:
CSA Guidance: https://cloudsecurityalliance.org/guidance/csaguide.v3.0.pdf
92% of the questions are based on the CSA Guidance and 8% are based on the ENISA report. The very best way to prepare for the CCSK examination is to thoroughly read and understand these two documents.
- IT Professionals working in the cloud
- IT Professionals involved in migration to the cloud
- IT & Information Security Professionals
- Network Administrators
- Information Security Managers
Dublin: Call for dates
Galway: Call for dates
Training with PFH+
WHY TRAIN WITH PFH?
- Pre-training evaluation - PFH will assess your training requirements and levels prior to attending training:
- Instructor led tuition by highly qualified instructor
- Comprehensive manual to accompany PFH public courses
- Training can be customised to meet customer's specific requirements
- Money back guarantee – If you are not happy with the quality of training received, PFH will refund payment
- All PFH trainers are Certified which guarantees that the training you receive will be of the highest quality.
- Each student will have their own PC
- Comprehensive manual to accompany each training course
- Complimentary coffee, tea, biscuits and fruit provided, along with light lunch provided for courses delivered in PFH
- Certificates of Attendance provided to each student on completion of training
- Air conditioned comfortable and spacious training rooms
- Free parking
- If a student feels they have not managed to reach their own personal course objectives, they are welcome to attend the:
- Same public class within 6 months, at no charge
- 60 day post training support – Students can call or email our instructors with any questions / problems they may be experiencing at home or work (or a maximum of 5 calls per course/delegate)
TRAINING FACILITIES PROVIDED BY PFH
When you're learning new skills and meeting new people it's important that you do so in comfortable, modern surroundings.
You'll enjoy a rewarding training course here at PFH premises and benefit from our modern training facilities.
Facilities provided include:
- Air-conditioned training rooms
- High-spec student PC's plus an instructor PC
- Internet access and wireless internet access
- Convenient locations in Cork and Galway
- Overhead projector, whiteboard and flipchart in each room
- Course materials
- Free parking
- Daily refreshments & lunch
Please note that the above facilities are available to rent for your specialised training event also. Please contact PFH Training for rates and information.
Instructor-led training is an effective means of delivering information, as it allows for real-time feedback, questions and answers, manipulation and changeable delivery to suit the needs of learners in a real-time environment. Few educational opportunities are considered more valuable than meeting and interfacing directly with an instructor.
All of our trainers are MCPs [Microsoft Certified Professionals], ECDL certified and MOS Experts which guarantees that the training you receive will be of the highest quality.
PFH has a large portfolio of trainers who can deliver training at our training centres in Cork and Galway, or Nationwide at customer premises or another training centre.
PFH offers instructor led training on our Public Schedule at our training centres in Cork and Galway.
CUSTOMISED INSTRUCTOR- LED TRAINING
PFH provides customised training for groups of 1 to 12 at either PFH's Training Centres at Cork or Galway or on-site at your premises. Content can be taken from any of our course oulines and customised to suit the exact requirmements of your group and scheduled on dates that suit your delegates. Group rates apply contact us for rates.
This method of training ensures your delegates get trained on exactly the topics they require in the duration of time that you can allow to give them.
SEMINAR STYLE TRAINING
Seminar training can be offered where companies require a large number of people to receive initial overview training on the New Interface of an Operating System or Office Applications.
Seminar Training is based solely on demonstrating the New Features and is non hands-on training. The benefits of this type of training is that attendees can get an initial feel for the New Interface of any given application and it can save a lot of time and money during an initial roll out. This type of training instils an element of confidence when people return to their desks to work with the New Interface or Application.
Depending on how the roll out is managed with the installations, training could be run in tandem with this, and groups may also benefit from the trainer doing some “floor walking” following the seminars to assist people when they are back at their desks.
The number of attendees is optional and can range from 20-50 per session. This is dependant on the size of your room!
All training/seminar can be customised specifically to suit group requirements.