Course

Course Summary
Credit Type:
Course
ACE Course Number:
ISCT-0004
Location:
Classroom-based
Length:
40 hours
Dates Offered:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Lower-Division Baccalaureate 2 Cloud Computing Security or Information Security
Description

Objective:

The course objective is to provide a comprehensive review of the knowledge required for understanding cloud computing and its information security risks and mitigation strategies. This training course will help students review and refresh their knowledge and identify areas they need to study for the CCSP certification exam. Taught by an (ISC)²-authorized instructor, the course covers six domains, including: domain 1: architectural concepts and design requirements; domain 2: cloud data security; domain 3: cloud platform and infrastructure security; domain 4: cloud application security; domain 5: operations; and domain 6: legal and compliance.

Learning Outcomes:

  • Define the roles and responsibilities of customers, providers, partners, brokers and the various technical professionals that support cloud computing environments
  • Identify and explain the five characteristics required to satisfy the NIST definition of cloud computing
  • Discuss strategies for safeguarding data, classifying data, ensuring privacy, assuring compliance with regulatory agencies and working with authorities during legal investigations
  • Explain strategies for protecting data at rest and data in motion
  • Contrast security aspects of Software Development Lifecycle (SDLC) in standard data center and cloud computing environments
  • Develop Service Level Agreements (SLAs) for cloud computing environments
  • Conduct risk assessments of existing and proposed cloud-based environments
  • State the professional and ethical standards of (ISC)² and the Certified Cloud Security Professional
  • Describe the physical and virtual components of and identify the principal technologies of cloud based systems
  • Differentiate between various as-a-service delivery models and frameworks that are incorporated into the cloud computing reference architecture
  • Contrast between forensic analysis in corporate data center and cloud computing environments
  • Evaluate and implement the security controls necessary to ensure confidentiality, integrity and availability in cloud computing
  • Identify and explain the six phases of the data lifecycle
  • Describe the role of encryption in protecting data and specific strategies for key management
  • Compare a variety of cloud-based business continuity / disaster recovery strategies and select an appropriate solution to specific business requirements
  • Describe how federated identity and access management solutions mitigate risks in cloud computing systems
  • Conduct gap analysis between baseline and industry-standard best practices

General Course Topics:

  • Domain 1: architectural concepts and design requirements
  • Domain 2: cloud data security
  • Domain 3: cloud platform and infrastructure security
  • Domain 4: cloud application security
  • Domain 5: operations
  • Domain 6: legal and compliance
Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Case Studies
  • Classroom Exercise
  • Discussion
  • Lectures
  • Practical Exercises

Methods of Assessment:

  • Examinations

Minimum Passing Score:

70%
Supplemental Materials