Autoplay
Autocomplete
Previous Lesson
Complete and Continue
CASA: Cloud and Security Architecture v5
Preparation
CCSK version 5, and FAQ on migrating from version 4
Welcome to Cloud and Security Architecture (CASA)
Teachable platform tips
Meet your instructor
Initial survey: where do you come from, where do you want to go?
Don't study alone, many people want to help you!
CCSK Study Guide, and CSA Security Guidance document
CCSK v5 Exam-Prep Kit
CCSK by module and by domain
The big WHY of cloud computing
CCSK Official Student Handbook and slide deck
A bit of relaxation
Preparation for online training
5 day online program
Online training sessions on Adobe Connect - date and time schedule
Tips for online sessions: tests and sound
Tools for online training, offline study and labs
Introduction - background refresher
Stuff you should know before you begin studying
Basics of DNS
Computer Science explained in 17 minutes
Networking 101
VLAN
Data storage background
NAS, SAN and storage networks
Containers and Docker
Understand public and private keys
Organization of IT services - Phoenix Project
Security 101
Day 1 starting up
Virtual classroom - Introduction into the CCSK sprint sessions
Day 1 Section 1 Introduction and Architecture
Introduction to Cloud Computing, and D1 Key Examination Concepts
Study and learning approach
The AWS story
Demo video: getting started on AWS EC2 (8:53)
A hybrid IT supply chain example (3:55)
Adoption Process and CCSK
What is cloud computing? Essential characteristics.
Service models
Virtualization versus cloud (2:41)
Activity: Service models
Deployment and private cloud
AWS Isolation features drilldown (3:48)
Quiz CCSK Domain 1
Lab 1 Core account security
Links to day 1 live session and recordings
Extra: Private cloud example, solvency
Extra material beyond CCSK exam - part 1
20 years of Amazon's journey - a case study
Bonus course: Cloud business value
Courseware on the major cloud providers
Cloud concepts reference documents
Cloud brokers (and the business model canvas)
Domain 2: Cloud Governance and Strategies
D2 Key examination concepts
Governance, a business story
Governance and enterprise risk management
Cloud Governance Resources (5:05)
Domain 3: Risk, Audit and Compliance
Why are we doing this?
D3 Key examination concepts
5 elements of cloud security (5:11)
Risk and IT security
Audit and Compliance
The Notorious 'Right to Audit'
Data protection in the EU (GDPR) (1:21)
Service Agreements
Service Agreements - detailed
CCM/CAIQ version 4
Domain 4: Organisation Management
D4 Key examination concepts
Extra: Organisation management on AWS
Quiz questions D2-D4
Extra material beyond CCSK exam - part 2
Cloud migration strategies and their impact on security and governance
A pragmatic perspective on the GDPR
CSA Security, Trust & Assurance Registry (STAR)
Bonus course: CAIQ, CCM and STAR
Bonus course: Cloud Adoption Essentials and business cases
Domain 5: Identity and access management
D5 Key examination concepts
Federated Identity Management
Entitlements
Extra: PEP, PDP and XACML
Extra: Identity management resources
Domain 6: Security monitoring
D6 Key examination concepts
SecaaS offerings
Extra: Security as a Service
Domain 7: Infrastructure and networking
D7 Key examination concepts
Cloud infrastructure (15:57)
Software defined networking (SDN) (8:52)
Extra: A deeper dive into AWS networking
Extra: Public cloud provider comparison: names for services
Quiz questions D5-D7
Midway
Midway survey
Domain 8: Cloud workload security
D8 Key examination concepts
Docker, Containers and Container Security (23:09)
Cloud Saas/Paas architecture (10:51)
Types of PaaS and a brief intro to APIs (8:57)
Extra: API gateway products according to Gartner
Extra: Hybrid cloud and migration architectures
Domain 9: Data security
D9 Key examination concepts
Data Security Lifecycle
Data protection
Encryption (key) management steps
Encryption Architectures (5:35)
Extra: Cloud Encryption - AWS and Azure
Extra: Data Security resources
Domain 10: Application security
D10 Key examination concepts
A sketch of the continous deployment toolchain (3:52)
Four good books to read on DevOps (7:41)
Extra: Security in the software supply chain
Extra: SBOM and SCA (Software Composition Analysis)
Lab & Demo: Continuous deployment (Ref 35) (4:16)
Lab: API management with Zapier (Ref 31)
Extra: Docker, Kubernetes and ArgoCD for software deployment at scale (13:58)
Extra: Google Cloud Function full cloud native example
Quiz questions D8-D10
Domain 11: Incident response and resilience
D11 Key examination concepts
Incident response
Incident response resources
Domain 12: Related technology and strategies
D12 Key examination concepts
Extra: Zero Trust resources
Extra: AI resources
Quiz questions D11-D12
Wrap up and exam preparation
Wrapping up: reviewing the course
Exam preparation guide (10:59)
Abbreviations
As you do the exam (including exam taker comments)
Need CPE points or a certificate of completion?
After your cloud and security architecture course
Spread the word!
Certificate of Cloud Auditing Knowledge
Additional resources to stay up to date
More research done by the CSA
CCSK versus CCSP
Frameworks and overviews
Threat modelling and case studies
The Capital One breach - case study
How the NSA hacks you and what you can do about it
Provider specific attack approaches
Extra material beyond CCSK exam - part 3
SaaS security, with examples, and more podcasts
SaaS security in 2020
Lab: infrastructure hardening to the next level
Gartner on Infrastructure security (2016)
Lab: State of cloud (Ref 70)
Teach online with
Extra: Security in the software supply chain
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock