CCSK Plus (Certificate of Cloud Knowledge)
Rich Mogull Dec 3-4
Ends october 15
Ends December 2
Ends December 6
There is a lot of hype and uncertainty around cloud security, but this class will slice through the hyperbole and provide students with the practical knowledge they need to understand the real cloud security issues and solutions. The Cloud Computing Security Knowledge- Plus class provides students a comprehensive two day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA).
This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).
This course is broken out into 6 modules that cover the 14 domains of the CSA Guidance and the ENISA Cloud Computing: Benefits, Risks and Recommendations for Information Security.
- Module 1: Introduction to Cloud Computing.
- Module 2: Securing Cloud Infrastructure.
- Module 3: Managing Cloud Security and Risk.
- Module 4: Securing Cloud Data.
- Module 5: Securing Cloud Users and Applications.
- Module 6: Selecting and Working with Cloud Providers.
The second day of CCSK Plus training includes expanded material and extensive hands-on activities. Students will learn to apply their knowledge as they perform a series of exercises as they complete a scenario bringing a fictional organization securely into the cloud.
This second day of training includes additional lecture, although student’s will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises.
- Exercise 1: Introduction and Risk Analysis.
- Exercise 2: Create and Secure a Public Cloud Instance.
- Exercise 3: Encrypt Public Cloud Data.
- Exercise 4: Create and Secure a Cloud Application
- Exercise 5: Identity Management for the Cloud.
- Exercise 6: Create and Secure a Private Cloud.
NOTEStudents will be required to obtain an Amazon Web Services account before the class begins in order to participate in the lab exercises. Instructions will be issued before the class begins.
Rich Mogull, Analyst & CEO of Securosis, LLC
Rich has twenty years experience in information security, physical security, and risk management. He specializes in cloud security, data security, application security, emerging security technologies, and security management. Rich is the primary course developer of the Cloud Security Alliance's CCSK training class and lead for the Data Security working group.
Prior to founding Securosis, Rich was a Research Vice President at Gartner on the security team where he also served as research co-chair for the Gartner Security Summit. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator. Rich is the Security Editor of TidBITS, a columnist for Dark Reading, and a frequent contributor to publications ranging from Information Security Magazine to Macworld. He is a frequent industry speaker at events including the RSA Security Conference and DefCon, and has spoken on every continent except Antarctica (where he's happy to speak for free -- assuming travel is covered).