CCSK by module and by domain
This course on cloud and security architecture is strongly focussed on CCSK (Certificate of Cloud Security Knowledge) and in particular the CCSK domains as described in the CSA guidance and the ENISA document.
The CSA guidance was written by a committee, and its structure is not the most productive one from a learning perspective. That is why in this course a different structure has been applied.
Below is the sequence that we will go through, in domains per section. Depending on the delivery format this will be mapped onto multiple days of training.
Introduction to cloud computing
Definitions and models
- 1: Cloud Architecture
Infrastructure and virtual networking security
- 6: Management Plane and Business Continuity
- 7: Infrastructure Security
- 8: Virtualization and Containers
Risk and Governance
Legal and compliance, audit, data governance, risk management, CCM
- 2: Governance and Enterprise Risk Management
- 3: Legal issues, Contracts and Electronic Discovery
- 4: Compliance and Audit Management
- ENISA doc, CCM
Data and Application Security
Cloud data architectures, data security and encryption, CASB, identity and access management
- 5: Information Governance
- 10: Application Security
- 11: Data Security and Encryption
- 12: Identity, Entitlement and Access Management
Cloud Security Operations, Review
Monitoring, Security as a Service, incident response, interoperability, IOT, big data and mobile.
- 13: Security as a Service
- 9: Incident Response
- 14: Related Technologies