Course Outline

Domain 1: Architectural Concepts and Design Requirements

  • Understand Cloud Computing Concepts
  • Describe Cloud Reference Architecture
  • Understand Security Concepts Relevant to Cloud Computing
  • Understand Design Principles of Secure Cloud Computing
  • Identify Trusted Cloud Services

Domain 2: Cloud Data Security

  • Understand Cloud Data Lifecycle (CSA Guidance)
  • Design and Implement Cloud Data Storage Architectures
  • Design and Apply Data Security Strategies
  • Understand and Implement Data Discovery and Classification Technologies
  • Design and Implement Relevant Jurisdictional Data Protections for Personally Identifiable Information (PII)
  • Design and Implement Data Rights Management
  • Plan and Implement Data Retention, Deletion, and Archiving Policies
  • Design and Implement Auditability, Traceability and Accountability of Data Events

Domain 3: Cloud Platform and Infrastructure Security

  • Comprehend Cloud Infrastructure Components
  • Analyze Risks Associated to Cloud Infrastructure
  • Design and Plan Security Controls
  • Plan Disaster Recovery and Business Continuity Management

Domain 4: Cloud Application Security

  • Recognize the need for Training and Awareness in Application Security
  • Understand Cloud Software Assurance and Validation
  • Use Verified Secure Software
  • Comprehend the Software Development Life-Cycle (SDLC) Process
  • Apply the Secure Software Development Life-Cycle
  • Comprehend the Specifics of Cloud Application Architecture
  • Design Appropriate Identity and Access Management (IAM) Solutions

Domain 5: Operations

  • Support the Planning Process for the Data Center Design
  • Implement and Build Physical Infrastructure for Cloud Environment
  • Run Physical Infrastructure for Cloud Environment
  • Manage Physical Infrastructure for Cloud Environment
  • Build Logical Infrastructure for Cloud Environment
  • Run Logical Infrastructure for Cloud Environment
  • Manage Logical Infrastructure for Cloud Environment
  • Ensure Compliance with Regulations and Controls (e.g., ITIL, ISO/IEC 20000-1)
  • Conduct Risk Assesment to Logical and Physical Infrastructure
  • Understand the Collection, Acquisition and Preservation of Digital Evidence
  • Manage Communication with Relevant Parties

Domain 6: Legal and Compliance

  • Understand Legal Requirements and Unique Risks within the Cloud Environment
  • Understand Privacy Issues, Including Jurisdictional Variation
  • Understand Audit Process, Methodologies, and Required Adaptations for a Cloud Environment
  • Understand Implications of Cloud to Enterprise Risk Management
  • Understand Outsourcing and Cloud Contract Design
  • Execute Vendor Management

Requirements

Recommended Prerequisites: CISSP Completion 

  35 Hours

Testimonials (6)

Related Courses

CRISC - Certified in Risk and Information Systems Control

  21 Hours

Cloud Computing Security Knowledge (CCSK) Preparation Course

  21 Hours

Related Categories