Autoplay
Autocomplete
Previous Lesson
Complete and Continue
CASAv4: Cloud and Security Architecture
Preparation
Update to version 5 in progress!
Welcome to Cloud and Security Architecture (CASA)
Teachable platform tips
Meet your instructor
Initial survey: where do you come from, where do you want to go?
Don't study alone, many people want to help you!
Pre-class v4 AWS setup instructions
CSA Cloud Security Guidance document
ENISA Cloud Computing Security Risk Assessment
CCSK by module and by domain
The big WHY of cloud computing
CCSK Official Student Handbook and slide deck
A bit of relaxation
Preparation for online training
5 day online program
Online training sessions on Adobe Connect - date and time schedule
Tips for online sessions: tests and sound
Tools for online training, offline study and labs
Introduction - background refresher
Stuff you should know before you begin studying
Computer Science explained in 17 minutes
Networking 101
VLAN
Basics of DNS
Understand public and private keys
Data storage background
NAS, SAN and storage networks
Containers and Docker
Organization of IT services - Phoenix Project
Governance, a business story
Day 1 starting up
Classroom training - Pitch your neighbour
Virtual classroom - Introduction into the CCSK sprint sessions
Day 1 Section 1 Introduction and Architecture
Study and learning approach
Cloud Computing is changing all jobs in IT
CCSK Official Module 1
The AWS story
Demo video: getting started on AWS EC2 (8:53)
A hybrid IT supply chain example (3:55)
What is cloud computing? Essential characteristics.
Service models
Virtualization versus cloud (2:41)
Activity: Service models
Deployment and private cloud
AWS Isolation features drilldown (3:48)
Hybrid cloud definition
Summary CCSK D1 Architecture (3:06)
Quiz CCSK Domain 1
More Domain 1 test questions
Reading guide section 1
Lab 1 Core account security
Links to day 1 live session and recordings
Section 1 Extra material beyond CCSK exam
20 years of Amazon's journey - a case study
Bonus course: Cloud business value
Courseware on the major cloud providers
Cloud concepts reference documents
Cloud brokers (and the business model canvas)
Section 2 Infrastructure Security
CCSK Official Module 2
Cloud infrastructure (15:57)
Cloud Saas/Paas architecture (10:51)
Types of PaaS and a brief intro to APIs (8:57)
Summary D7 Infrastructure Security (2:36)
Summary D8 Virtualization and Containers (0:52)
Summary D6 Management Plane and Business Continuity
CCSKv4 Domain 7 test questions
CCSKv4 Domain 8 test questions
CCSKv4 Domain 6 test questions
Reading guide section 2
Lab 2 IAM and monitoring in-depth
Lab 3 Network and instance security
Links to day 2 live session and recordings
Section 2 Extra material beyond CCSK exam
Software defined networking (SDN) (8:52)
Interoperability and Portability
OpenStack Security Guide
Public cloud provider comparison: names for services
A deeper dive into AWS networking
Lab: infrastructure hardening to the next level
Gartner on Infrastructure security (2016)
Docker, Containers and Container Security (23:09)
Section 3 Risk and Governance
5 elements of cloud security (5:11)
CCSK Official Module 3
Risk and IT security
Governance and enterprise risk management
Summary D2 Governance and ERM
CCSKv4 Domain 2 test questions
Activity D3: legal roles
Activity D3: legal roles - answer unit
Service Agreements
Data protection in the EU (GDPR) (1:21)
Summary D3 Legal, Contracts and E-discovery
CCSKv4 Domain 3 test questions
Audit and Compliance
Summary D4 Compliance and Audit Management
CCSKv4 Domain 4 test questions
CCM AND CAIQ overview
Summary CCM & CAIQ
CCSKv4 CCM test questions
ENISA top risks
ENISA summary of 35 risks
Summary ENISA
CCSKv4 Domain ENISA questions
Reading guide section 3
CCM Cloud Controls Matrix download
Lab 6 Risk and provider assessment
Links to day 3 live session and recordings
Section 3 Extra material beyond CCSK exam
CCM/CAIQ version 4
SaaS security, with examples, and more podcasts
SaaS security in 2020
Cloud Governance Resources (5:05)
Cloud migration strategies and their impact on security and governance
A pragmatic perspective on the GDPR
CSA Security, Trust & Assurance Registry (STAR)
Bonus course: CAIQ, CCM and STAR
The Notorious 'Right to Audit'
Bonus course: Cloud Adoption Essentials and business cases
Section 4 Data and Application Security
CCSK Official Module 4 (extended)
Data protection
Encryption Architectures (5:35)
Summary D11 Data Security and Encryption
CCSKv4 Domain 11 questions
Data Security Lifecycle
Summary D5 Information Governance
CCSKv4 Domain 5 questions
CCSK Official Module 5
Application security
Summary D10 Application security
CCSKv4 Domain 10 questions
Federated Identity Management
Entitlements
Summary D12 Identity, Entitlement and Access Management
CCSKv4 Domain 12 questions
Reading guide section 4
Lab 4 Encryption and storage security
Lab 5 Application security and federation
Links to day 4 live session and recordings
Section 4 Extra material beyond CCSK exam
Four good books to read on DevOps (7:41)
The Capital One breach - case study
Data Security resources
Identity management resources
Encryption (key) management steps
Cloud Encryption - AWS and Azure
PEP, PDP and XACML
A sketch of the continous deployment toolchain (3:52)
API gateway products according to Gartner
Lab: API management with Zapier (Ref 31)
Security in the software supply chain
SBOM and SCA (Software Composition Analysis)
Lab & Demo: Continuous deployment (Ref 35) (4:16)
Google Cloud Function full cloud native example
Docker, Kubernetes and ArgoCD for software deployment at scale (13:58)
Section 5 Cloud Security Operations
CCSK Official Module 6
Incident response
Summary D9 Incident Response
CCSKv4 Domain 9 questions
Security as a Service
Summary D13 SecaaS
CCSKv4 Domain 13 questions
Private cloud example: solvency
Domain 14 Related Technologies
Summary D14 Related Technologies
Reading guide section 5
CCSKv4 Domain 14 questions
Links to day 5 live session and recordings
Section 5 Extra material beyond CCSK exam
SecaaS offerings
Incident response resources
Lab: State of cloud (Ref 70)
How the NSA hacks you and what you can do about it
Hybrid cloud and migration architectures
Provider specific attack approaches
Wrap up and exam preparation
Wrapping up: reviewing the course
Exam preparation guide (10:59)
ENISA Study guide
Abbreviations
Official CCSK exam preparation guide & FAQ
Answer key to the questions
More test questions
As you do the exam (including exam taker comments)
Need CPE points or a certificate of completion?
After your cloud and security architecture course
Spread the word!
Certificate of Cloud Auditing Knowledge
Additional resources to stay up to date
More research done by the CSA
CCSK versus CCSP
Frameworks and overviews
Teach online with
Summary ENISA
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock