CSA - Firebrand's training for CSA's Certified Cloud Security Knowledge (CCSK) exam

Duration

Duration:

Only 2 Days

Method

Method:

Classroom / Online / Hybrid

Next date

Next date:

4/4/2022 (Monday)

Overview

On this 2-day accelerated Firebrand course for CSA's Certificate of Cloud Security Knowledge (CCSK) exam, you'll validate your understanding of the best practices surrounding cloud security. This Firebrand course, designed to deliver knowledge equivalent to the CSA's CCSK Basic and the CCSK Plus, aims to ensure that you have a demonstrated awareness of the security threats facing your cloud infrastructure.

On this Firebrand course you'll cover:

  • A comprehensive review of cloud security fundamentals
  • The major domains in the latest Guidance document from Cloud Security Alliance (CSA)
  • Recommendations from the European Network and Information Security Agency (ENISA)
  • Expanded material and hands-on tasks in a series of exercises that include bringing a fictional organisation securely into the cloud.

Firebrand's unique Lecture | Lab | Review technique combines both theoretical knowledge with practical, hands-on skills. This technique will accelerate your learning and ensure you have the ability to apply your new found knowledge as soon as you return to work.

As part of Firebrand' own course, you'll be prepared for and sit the CSA Certificate of Cloud Security Knowledge (CCSK) exam. This is covered by your Certification Guarantee.

This course is aimed at a broad range of professionals with responsibilities related to cloud computing and security.

Seven reasons why you should sit your CCSK course with Firebrand Training

  1. You'll be CCSK certified in just 2 days. With us, you’ll be CCSK trained in record time
  2. Our CCSK course is all-inclusive. A one-off fee covers all course materials, exams, accommodation and meals. No hidden extras
  3. Pass CCSK first time or train again for free. This is our guarantee. We’re confident you’ll pass your course first time. But if not, come back within a year and only pay for accommodation, exams and incidental costs
  4. You’ll learn more CCSK. A day with a traditional training provider generally runs from 9am – 5pm, with a nice long break for lunch. With Firebrand Training you’ll get at least 12 hours/day quality learning time, with your instructor
  5. You’ll learn CCSK faster. Chances are, you’ll have a different learning style to those around you. We combine visual, auditory and tactile styles to deliver the material in a way that ensures you will learn faster and more easily
  6. You’ll be studying CCSK with the best. We’ve been named in Training Industry’s “Top 20 IT Training Companies of the Year” every year since 2010. As well as winning many more awards, we’ve trained and certified 102,635 professionals, and we’re partners with all of the big names in the business
  7. You'll do more than study CCSK courseware. We use practical exercises to make sure you can apply your new knowledge to the work environment. Our instructors use demonstrations and real-world experience to keep the day interesting and engaging

Benefits

Other accelerated training providers rely heavily on lecture and independent self-testing and study.

Effective technical instruction must be highly varied and interactive to keep attention levels high, promote camaraderie and teamwork between the students and instructor, and solidify knowledge through hands-on learning.

Firebrand Training provides instruction to meet every learning need:

  • Intensive group instruction
  • One-on-one instruction attention
  • Hands-on labs
  • Lab partner and group exercises
  • Question and answer drills
  • Independent study

This information has been provided as a helpful tool for candidates considering training. Courses that include certification come with a certification guarantee. Pass first time or train again for free (just pay for accommodation and exams on your return). We do not make any guarantees about personal successes or benefits of obtaining certification. Benefits of certification determined through studies do not guarantee any particular personal successes.

Curriculum

On this Firebrand Course, you'll cover the following topics:

Domain 1: Cloud Computing Concepts and Architectures

  • Defining Cloud Computing
  • Definitional Model
    • Essential Characteristics
    • Service Models
    • Deployment Models
  • Reference and Architecture Models
    • Infrastructure as a Service
    • Platform as a Service
    • Software as a Service
  • Logical Model
  • Cloud Security and Compliance Scope and Responsibilities
  • Cloud Security Models
    • A Simple Cloud Security Process Model
  • Governing in the Cloud
  • Operating in the Cloud

Domain 2: Governance and Enterprise Risk Management

  • Governance
    • Tools of Cloud Governance
  • Enterprise Risk Management
  • The Effects of Service Model and Deployment Model
    • Service Models
    • Deployment Models
    • Cloud Risk Management Trade-Offs
    • Cloud Risk Management Tools

Domain 3: Legal Issues, Contracts and Electronic Discover

  • Legal Frameworks Governing Data Protection and Privacy
    • Common Themes
    • Required Security Measures
    • Restrictions to Cross-border Data Transfers
    • Regional Examples – GDPR, NIS Directive, US Federal and State Laws
  • Contracts and Provider Selection
    • Internal Due Diligence
    • Monitoring, Testing, and Updating
    • External Due Diligence
    • Contract Negotiations
    • Reliance on Third-Party Audits and Attestations
  • Electronic Discovery
    • Possession, Custody and Control
    • Relevant Cloud Applications and Environment
    • Searchability and E-Discovery Tools
    • Preservation
    • Data Retention Laws and Record Keeping Obligations
    • Collection
    • Direct Access
    • Native Production
    • Authentication
    • Cooperation Between Provider and Client in E-Discovery
    • Response to a Subpoena or Search Warrant
    • More Information

Domain 4: Compliance and Audit Management

  • Compliance
    • How Cloud Changes Compliance
  • Audit Management
    • How Cloud Changes Audit Management

Domain 5: Information Governance

  • Cloud Information Governance Domains
  • The Data Security Lifecycle
    • Locations and Entitlements
    • Functions, Actors, and Controls

Domain 6: Management Plane and Business Continuity

  • Business Continuity and Disaster Recovery in the Cloud
    • Architect for Failure
  • Management Plane Security
    • Accessing the Management Plane
    • Securing the Management Plane
    • Management Plane Security When Building/Providing a Cloud Service
  • Business Continuity and Disaster Recovery
    • Business Continuity Within the Cloud Provider
    • Business Continuity for Loss of the Cloud Provider
    • Business Continuity For Private Cloud and Providers

Domain 7: Infrastructure Security

  • Cloud Network Virtualisation
  • How Security Changes With Cloud Networking
    • Challenges of Virtual Appliances
    • SDN Security Benefits
    • Microsegmentation and the Software Defined Perimeter
    • Additional Considerations for Cloud Providers or Private Clouds
    • Additional Considerations for Cloud Providers or Private Clouds
  • Cloud Compute and Workload Security
    • How Cloud Changes Workload Security
    • Immutable Workloads Enable Security
    • The Impact of Cloud on Standard Workload Security Controls
    • Changes to Workload Security Monitoring and Logging
    • Changes to Vulnerability Assessment
    • Cloud Storage Security

Domain 8: Virtualisation and Containers

  • Major Virtualisation Categories Relevant to Cloud Computing
    • Compute
  • Network
    • Monitoring and Filtering
    • Management Infrastructure
    • Cloud Overlay Networks
  • Storage
  • Containers

Domain 9: Incident Response

  • Incident Response Lifecycle
  • How the Cloud Impacts IR
    • Preparation
    • Detection and Analysis
    • Containment, Eradication and Recovery
    • Post-mortem

Domain 10: Application Security

  • Introduction to the Secure Software Development Lifecycle and Cloud Computing
  • Secure Design and Development
  • Secure Deployment
    • Impact on Vulnerability Assessment
    • Impact on Penetration Testing
    • Deployment Pipeline Security
    • Impact of Infrastructure as Code and Immutable
  • Secure Operations
  • How Cloud Impacts Application Design and Architectures
  • Additional Considerations for Cloud Providers
  • The Rise and Role of DevOps
    • Security Implications and Advantages

Domain 11: Data Security and Encryption

  • Data Security Controls
  • Cloud Data Storage Types
  • Managing Data Migrations to the Cloud
    • Securing Cloud Data Transfers
  • Securing Data in the Cloud
    • Cloud Data Access Controls
    • Storage (At-Rest) Encryption and Tokenization
    • Key Management (Including Customer-Managed Keys)
  • Data Security Architectures
  • Monitoring, Auditing, and Alerting
  • Additional Data Security Controls
    • Cloud Platform/Provider-Specific Controls
    • Data Loss Prevention
    • Enterprise Rights Management
    • Data Masking and Test Data Generation
  • Enforcing Lifecycle Management Security

Domain 12: Identity, Entitlement, and Access Management

  • How IAM is Different in the Cloud
  • IAM Standards for Cloud Computing
  • Managing Users and Identities for Cloud Computing
  • Authentication and Credentials
  • Entitlement and Access Management
  • Privileged User Management

Domain 13: Security as a Service

  • Potential Benefits and Concerns of SecaaS
  • Major Categories of Security as a Service Offerings
    • Identity, Entitlement, and Access Management Services
    • Cloud Access and Security Brokers (CASB, also known as Cloud Security Gateways)
    • Web Security (Web Security Gateways)
    • Email Security
    • Security Assessment
    • Web Application Firewalls
    • Intrusion Detection/Prevention (IDS/IPS)
    • Security Information & Event Management (SIEM)
    • Encryption and Key Management
    • Business Continuity and Disaster Recovery
    • Security Management
    • Distributed Denial of Service Protection

Domain 14: Related Technologies

  • Big Data
    • Security and Privacy Considerations
    • Data Collection
    • Key Management
    • Security Capabilities
    • Identity and Access Management
    • PaaS
  • Internet of Things (IoT)
  • Mobile
  • Serverless Computing

Exam Track

You'll sit the following exam at the Firebrand Training Centre, covered by your Certification Guarantee:

  • CSA Certificate of Cloud Security Knowledge (CCSK) exam

Additional exam information:

  • 60 online multiple choice questions
  • Time limit: 90 minutes
  • Pass rate: 80%

What's Included

Firebrand Training offers top-quality technical education and certification training in an all-inclusive course package specifically designed for the needs and ease of our students. We attend to every detail so our students can focus solely on their studies and certification goals.

Our Certification Programs includes

  • Intensive Hands-on Training Utilising our (Lecture | Lab | Review)TM Delivery
  • Comprehensive Study Materials, Program Courseware and Self-Testing Software including MeasureUp *
  • Fully instructor-led program with 24 hour lab access
  • Examination vouchers **
  • Near site testing, Transportation to/from Testing Center are provided ***
  • Accommodation, all meals, unlimited beverages, snacks and tea / coffee****
  • Examination Passing Policy

Please note

  • * Not on all courses
  • ** Examination vouchers are not included for the following courses: PMP, CAPM and CISSP CBK Review
  • *** Not included in our PMP, CAPM, CISA, CISM, CGEIT, CRISC, (ISC)2 or ITIL Managers and Revision Certifications
  • **** Accommodation not included on the CISSP CBK Review Seminar

Our instructors teach to accommodate every student's learning needs through individualised instruction, hands-on labs, lab partner and group exercises, independent study, self-testing, and question/answer drills.

Firebrand Training has dedicated, well-equipped educational facilities where you will attend instruction and labs and have access to comfortable study and lounging rooms. Our students consistently say our facilities are second-to-none.

Examination Passing Policy

Should a student complete a Firebrand Training Program without having successfully passed all vendor examinations, the student may re-attend that program for a period of one year.  Students will only be responsible for accommodations and vendor exam fees.

Prerequisites

You should have a basic understanding of security fundamentals, such as firewalls, secure development, encryption and identity management.

Unsure whether you meet the prerequisites? Don’t worry. Your training consultant will discuss your background with you to understand if this course is right for you.

Reviews

Here's the Firebrand Training review section. Since 2001 we've trained exactly 102,635 students and asked them all to review our Accelerated Learning. Currently, 96.68% have said Firebrand exceeded their expectations.

Read reviews from recent accelerated courses below or visit Firebrand Stories for written and video interviews from our alumni.


"Prince 2 Foundation & Practitioner course is intensive but well run and I passed!"
C.P.. (2/4/2021 (Friday) to 4/4/2021 (Sunday))

"Excellent course content. Week went really quickly"
Darren Crofts, Gizmo Networking. (2/4/2021 (Friday) to 7/4/2021 (Wednesday))

"I cannot commend Firebrand enough for how well the hybrid classroom was practiced. Everyone in the classroom was socially distanced, with 8 more people online, and we all felt comfortable, attended to, and safe, whilst learning a lot in an accelerated fashion. I was able to take the course over bank holiday, and returned to the office a certified project manager. Highly recommend receiving training with Firebrand."
Phoebe Savvides, Firebrand Training. (2/4/2021 (Friday) to 4/4/2021 (Sunday))

"My experience with Firebrand Training was superb. I really enjoyed the course."
Balwinder Jeer, CQC. (2/4/2021 (Friday) to 4/4/2021 (Sunday))

"Thanks to Firebrand team for helping me pass CISSP first time."
Steve Lodge, Managing IT Limited. (2/4/2021 (Friday) to 7/4/2021 (Wednesday))

Course Dates

CSA - Firebrand's training for CSA's Certified Cloud Security Knowledge (CCSK) exam

Start

Finish

Status

Book now

4/4/2022 (Monday)

5/4/2022 (Tuesday)

Open

Book now

Latest Reviews from our students